[11514] in bugtraq
Get paste kppp *'s
daemon@ATHENA.MIT.EDU (Tim Jones)
Wed Aug 25 20:02:20 1999
Message-Id: <19990821005204.5616.qmail@securityfocus.com>
Date: Sat, 21 Aug 1999 00:52:04 -0000
Reply-To: cybersysop813@HOTMAIL.COM
From: Tim Jones <cybersysop813@HOTMAIL.COM>
X-To: bugtraq@securityfocus.com
To: BUGTRAQ@SECURITYFOCUS.COM
Well alot of dial up tools do this put your password in *
so you can let other people use your
computer and dial up and they wont know what your password
is..
But in kppp all you have to do to fix out whats UNDER the *
is just CUT and PASTE.. Thats right..
Just COPY the *'s and paste then to a term and you can see
what there password is...
I am not sure if this is a problem or what.. But there is no
reason to have the *'s if they are
so easy to get past...
btw somone might want to report this to the makers of
kppp..
--flipz
