PT-2002-1409 · Hotline · Hotline Client

Published

2002-05-03

Updated

2016-10-18

CVE-2002-0343

CVSS v2.0

4.6

Medium

Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Hotline Client version 1.8.5

Description The issue concerns the storage of sensitive user information. Hotline Client stores passwords in plaintext in the bookmarks file. This could allow local users with access to the bookmarks file to extract the passwords and gain privileges.

Recommendations For Hotline Client version 1.8.5, consider removing or securing access to the bookmarks file to prevent unauthorized access to stored passwords. As a temporary workaround, avoid storing sensitive information in the bookmarks file until a more secure method of storage is implemented.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2002-0343

Affected Products

Hotline Client

PT-2002-1409 · Hotline · Hotline Client

CVE-2002-0343

Related Identifiers

Affected Products

References · 4