[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Putty Proxy login/password discolsure....
- To: "Dave \\\"No, not that one\\\" Korn" <davek_throwaway@xxxxxxxxxxx>
- Subject: Re: [Full-disclosure] Putty Proxy login/password discolsure....
- From: mflaschen3@xxxxxxxxxxxxxxx
- Date: Wed, 25 Oct 2006 10:24:11 -0400
Windows offers no security against local users. It is trivial to boot to a
program like ERD Commander and replace admin passwords. On the other hand,
PuTTy is meant to protect against everyone; that's why it doesn't allow saved
passwords. Thus, this seems like a vulnerability to me.
Matt Flaschen
Quoting "Dave \"No, not that one\" Korn" <davek_throwaway@xxxxxxxxxxx>:
> "Antoine SANTO" <Antoine.SANTO@xxxxxxx> wrote in message
> news:021001c6f822$94e12f40$595ce60a@xxxxxxxxxxxxxxxxxxxxxxx
>
> > Hi,
> >
> > I come to report a little strange discolsure discovered by my
> > co-worker Fx0day.
> >
> > When you save session informations under putty and you need proxy
> > for a session,
> > We can find in plain clear text the login and password proxy auth in
> > the windows
> > database register.
> >
> > Strange to see a good ssh client storing plain clear text « hot »
> > informations !!
>
> The HKCU key is protected by an ACL; it is only accessible to the
> user, or to someone with admin rights. So it's not best practice,
> agreed, but it isn't a major vulnerability.
>
>
> cheers,
> DaveK
> --
> Can't think of a witty .sigline today....
>
>
>
>
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/