Vulnerabilities > CVE-2007-0627 - Information Disclosure vulnerability in GTalkbot Username and Password
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
NONE Availability impact
NONE Summary
Michael Still gtalkbot before 1.2 places username and password arguments on the command line, which allows local users to obtain sensitive information by listing the process.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
References
- http://freshmeat.net/projects/gtalkbot/?branch_id=67830&release_id=245004
- http://osvdb.org/33071
- http://secunia.com/advisories/23942
- http://www.securityfocus.com/bid/22322
- http://www.stillhq.com/gtalkbot/
- http://www.stillhq.com/gtalkbot/000003.html
- http://www.vupen.com/english/advisories/2007/0408
- https://exchange.xforce.ibmcloud.com/vulnerabilities/31923