[转载]Chat Anywhere Discloses Passwords to Local Users
信息来源:securitytracker.com---------------------
Introduction:
---------------------
Vendor: LionMax Software
[url]http://www.lionmax.com/[/url]
---------------------
Bug:
---------------------
Chat Anywhere v2.72a stores all the usernames and passwords in
"Program Files\Chat Anywhere\room\xxxx.ini"
file with plain text format without crypting and can be viewed
by a local user.
xxxx is the chat room's name.
---------------------
Vendor Confirmed:
---------------------
No.
---------------------
Fix:
---------------------
There is no solution at the time of this entry.
---------------------
Exploit:
---------------------
[url]http://www.eviloctal.com/forum/read.php?tid=8273[/url]
页:
[1]