Vopium Plaintext Credentials Man In The Middle Information Disclosure Vulnerability
BID:51660
Info
Vopium Plaintext Credentials Man In The Middle Information Disclosure Vulnerability
| Bugtraq ID: | 51660 |
| Class: | Design Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 25 2012 12:00AM |
| Updated: | Jan 25 2012 12:00AM |
| Credit: | Henry Paduwa |
| Vulnerable: |
Vopium Voipum 0 |
| Not Vulnerable: | |
Discussion
Vopium Plaintext Credentials Man In The Middle Information Disclosure Vulnerability
Vopium is prone to an information disclosure vulnerability.
Attackers can exploit this issue to gain access to the application credentials through a man-in-the-middle attack. Successful exploits will lead to other attacks.
Vopium is prone to an information disclosure vulnerability.
Attackers can exploit this issue to gain access to the application credentials through a man-in-the-middle attack. Successful exploits will lead to other attacks.
Exploit / POC
Vopium Plaintext Credentials Man In The Middle Information Disclosure Vulnerability
An attacker may use readily available tools to exploit this issue.
An attacker may use readily available tools to exploit this issue.
Solution / Fix
Vopium Plaintext Credentials Man In The Middle Information Disclosure Vulnerability
Solution:
Currently we are not aware of any vendor supplied patches If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor supplied patches If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
Vopium Plaintext Credentials Man In The Middle Information Disclosure Vulnerability
References:
References:
- [Full-disclosure] Vopium VoIP app is leaking login, password, IMEI, geolocation, (Henry Paduwa)
- Vendor Homepage (Voipum)