Hotline Client Plain password vuln.

From: Rense Buijen (Rense.Buijen@dct-mail.com)
Date: Thu Feb 28 2002 - 00:33:51 PST

Next message: secureat_private: "[CLA-2002:464] Conectiva Linux Security Announcement - squid"

Previous message: Rashed Alabbar: "NAI Gauntlet Firewall 5.5 for NT (Multiple Vendor HTTP CONNECT TCP Tunnel Vulnerability (bugtraq id 4131)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello,

I am using Hotline Client 1.8.5 from Hotline Communications Ltd on a
windows XP platform. In this client you have the options to save
bookmarks so you can easily connect to your sites.  When I was looking
around in the "Bookmarks" dir (program files\hotline communications ltd)
I saw that the bookmarks store your login, password and host in
plaintext although it is a binary file. Has this been mentioned before?
Is this normal or just a flaw from the creators?

Cheers,

Rens

Next message: secureat_private: "[CLA-2002:464] Conectiva Linux Security Announcement - squid"
Previous message: Rashed Alabbar: "NAI Gauntlet Firewall 5.5 for NT (Multiple Vendor HTTP CONNECT TCP Tunnel Vulnerability (bugtraq id 4131)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Feb 28 2002 - 22:30:07 PST