exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

trillianClear.txt

trillianClear.txt
Posted Aug 5, 2005
Authored by Suramya Tomar | Site suramya.com

Trillian Pro 3.1 Build 121 saves a user password in clear text in a temporary file that is world readable when attempting to connect to Yahoo mail.

tags | advisory
SHA-256 | 3bf36659581229e54569a2d59e27539a97b5f16685e7c71abe83814a914d88df

trillianClear.txt

Change Mirror Download
Hi Everyone,

I was playing around with Trillian Pro 3.1 Build 121 and noticed a very
disturbing behavior when using it to check my yahoo mail.

When you choose the option to check your yahoo email from Trillian (The
little connection ball -> Check Yahoo Mail) it creates a temp file in
the <Install Directory>\users\default\cache with a random name that
contains the yahoo password in *clear text* and this file is world
readable. This would be somewhat ok if the file was deleted as soon as
the login was done but the file just sits there till you exit out of
trillian. Logging out doesn't erase the file. I have watched the file
exist on my system for over two weeks.

Now I shouldn't have to tell you why having a file like this will a
password in clear text is such a bad idea. All anyone needs is 2 mins
unsupervised on a computer that uses trillian and they will have the
user's password and since a lot of people use the same password for
various sites this will compromise a lot of other accounts too.

In my opinion the file shouldn't contain the password in the first place
but even if it *has* to have the password it should be deleted as soon
as the login is done and not sit there for over two weeks.

I have duplicated this with Trillian 3.0 Basic and Pro also. Tested on
Windows XP Pro and Windows 2000.

I have attempted to contact Cerulean Studios multiple times before
releasing this using their webform, email and forums over the past month
but havn't heard anything back from them. My last attempt to contact
them was on 06/13/2005. Since I havn't heard anything from them I am
sending this to Bugtraq.

If you have any questions/comments about this let me know.

Thanks,
Suramya

--
----------------------------------------------------------
Mountain Dew and doughnuts... because breakfast is the
most important meal of the day
----------------------------------------------------------
Name : Suramya Tomar
Homepage URL: http://www.suramya.com
-------------------------------------------------

************************************************************
Disclaimer:
Any errors in spelling, tact, or fact are transmission errors.
************************************************************
Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close