When you go into Netscape Messenger and check your mail, the software stores the password you used in the registry and encrypts it. It remains there for as long as netscape is open. The login and password is kept in: HKEY_CURRENT_USER\Software\Netscape\Netscape Navigator\biff\users\ username(varies)\servers\<mail server> Here is the scenario... Let's say Regular Joe A runs Netscape and then checks his email first off... He checks it,enters his password, and his password is stored in the registry... Let's say after he gets done checking his mail, he doesn't close netscape and decides to browse the web. He comes up along Malicious Site A which contains a malicious javascript code to read his local registry files and retrieve his mail server login(unencrypted), encrypted password, and his mail server. Well then the cracker could perform a brute force crack on the encryption and attempt to gain access to the Regular Joe A's ISP and/or pop3 e-mail account...
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:35:00 PDT