[24468] in bugtraq
Hotline Client Plain password vuln.
daemon@ATHENA.MIT.EDU (Rense Buijen)
Fri Mar 1 01:36:11 2002
content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain;
charset="us-ascii"
Date: Thu, 28 Feb 2002 09:33:51 +0100
Message-ID: <F48061E826461547AB8E0EC916569979022722@AD101.dct.be>
From: "Rense Buijen" <Rense.Buijen@dct-mail.com>
To: <bugtraq@securityfocus.com>
Content-Transfer-Encoding: 8bit
Hello,
I am using Hotline Client 1.8.5 from Hotline Communications Ltd on a
windows XP platform. In this client you have the options to save
bookmarks so you can easily connect to your sites. When I was looking
around in the "Bookmarks" dir (program files\hotline communications ltd)
I saw that the bookmarks store your login, password and host in
plaintext although it is a binary file. Has this been mentioned before?
Is this normal or just a flaw from the creators?
Cheers,
Rens
