NotJustBrowsing Local Information Disclosure Vulnerability
BID:13442
Info
NotJustBrowsing Local Information Disclosure Vulnerability
| Bugtraq ID: | 13442 |
| Class: | Design Error |
| CVE: | |
| Remote: | No |
| Local: | Yes |
| Published: | Apr 29 2005 12:00AM |
| Updated: | Apr 29 2005 12:00AM |
| Credit: | Discovery of this issue is credited to [email protected]. |
| Vulnerable: |
NotJustBrowsing NotJustBrowsing |
| Not Vulnerable: | |
Discussion
NotJustBrowsing Local Information Disclosure Vulnerability
NotJustBrowsing is prone to a local information disclosure vulnerability. The application stores plaintext 'View Lock Password' passwords in a local file.
A local attacker may exploit this issue to disclose potentially sensitive information. Data harvested through exploitation of this issue may be used to aid in further attacks launched against the target computer.
NotJustBrowsing is prone to a local information disclosure vulnerability. The application stores plaintext 'View Lock Password' passwords in a local file.
A local attacker may exploit this issue to disclose potentially sensitive information. Data harvested through exploitation of this issue may be used to aid in further attacks launched against the target computer.
Exploit / POC
NotJustBrowsing Local Information Disclosure Vulnerability
No exploit is required.
No exploit is required.
Solution / Fix
NotJustBrowsing Local Information Disclosure Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
NotJustBrowsing Local Information Disclosure Vulnerability
References:
References:
- NotJustBrowsing Homepage (NotJustBrowsing)