Hotline password vulnerability

Discussion in 'other security issues & news' started by Paul Wilders, Mar 5, 2002.

Thread Status:
Not open for further replies.
  1. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Summary

    Hotline Connect is a suite of two free applications that enables Internet users to communicate and share files and information. A security vulnerability in the product allows local users with access to a shared Hotline program installation directory, to access other people's used username and passwords.


    Details

    Vulnerable systems:
    Hotline Client version 1.8.5

    The Hotline client contains a feature that allows users to store bookmarks to certain sites they frequently visit. The "Bookmarks" directory (usually under: program files\hotline communications ltd) contains a file that inside it you can find your login, password and host stored in plaintext.

    source: www.securiteam.com
     
Loading...
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.