Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1998_4

Bugtraq archives for 4th quarter (Oct-Dec) 1998: Re: 13 tiny bytes to show the huge sillyness of our great common

Re: 13 tiny bytes to show the huge sillyness of our great common

Tero Pelander (tpelandTKUKOULU.FI)
Thu, 22 Oct 1998 11:43:04 +0300

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Joel Eriksson: "bof in sdtcm_convert (Solaris 2.5)"
Previous message: Flemming S. Johansen: "Netscape "What's Related""
In reply to: bt398: "13 tiny bytes to show the huge sillyness of our great common"

On Wed, 21 Oct 1998, bt398 wrote:

> Microsoft did it the other way. The function returns the uncrypted password
> to a buffer (... no comment).
>
> Indeed, this is not _big_ deal but if a user has access to your computer
> after you logged then he can easily retrieve your password.. And I am sure
> that a lot of people uses the same password for their mail and their
> windows password (so it is somewhat a security problem). I attached a small
> program that prompts the password of the user (you must have logged in
> first); this only work on Windows for Workgroup 3.11 and Windows 95
> (Windows 98 and Windows NT are not affected -hopefully-).
[cachepig.zip removed]

NT (4.0 SP3+hotfixes) isn't affected, 98 is affected

Next message: Joel Eriksson: "bof in sdtcm_convert (Solaris 2.5)"
Previous message: Flemming S. Johansen: "Netscape "What's Related""
In reply to: bt398: "13 tiny bytes to show the huge sillyness of our great common"