Hotline password vulnerability

Discussion in 'other security issues & news' started by Paul Wilders, Mar 5, 2002.

Thread Status:
Not open for further replies.
  1. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,475
    Location:
    The Netherlands
    Summary

    Hotline Connect is a suite of two free applications that enables Internet users to communicate and share files and information. A security vulnerability in the product allows local users with access to a shared Hotline program installation directory, to access other people's used username and passwords.


    Details

    Vulnerable systems:
    Hotline Client version 1.8.5

    The Hotline client contains a feature that allows users to store bookmarks to certain sites they frequently visit. The "Bookmarks" directory (usually under: program files\hotline communications ltd) contains a file that inside it you can find your login, password and host stored in plaintext.

    source: www.securiteam.com
     
    Paul Wilders, Mar 5, 2002
    #1
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...