[6418] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Clipboard insecurity

daemon@ATHENA.MIT.EDU (Jim Credland)
Mon Mar 30 16:28:30 1998

Date: 	Mon, 30 Mar 1998 17:31:54 +0100
Reply-To: Jim Credland <jim@DEMON.NET>
From: Jim Credland <jim@DEMON.NET>
X-To:         ntsecurity@iss.net
To: BUGTRAQ@NETSPACE.ORG

  I don't know if this has been mentioned before, it was certainly new to
Microsoft when I mentioned it too them.

  If you lock your workstation it's still possible to paste the contents of the
clipboard buffer into the "User name" prompt.  Not terribly clever for hiding
what you've been doing.

  Microsoft acknowledge the problem but made no promises about fixing it.
Obvious workaround.

--
jim credland                                             network security
who can you trust?                                     demon internet ltd


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[6418] in bugtraq

Clipboard insecurity

daemon@ATHENA.MIT.EDU (Jim Credland)Mon Mar 30 16:28:30 1998

daemon@ATHENA.MIT.EDU (Jim Credland)
Mon Mar 30 16:28:30 1998