Bugtraq mailing list archives
Re: Clipboard insecurity
From: jfay () STETSON EDU (Fiji)
Date: Tue, 31 Mar 1998 00:27:35 -0500
It is also possible to paste passwd info on NT and Novell clients. There have been a few occasions where users have typed in their passwd and before hitting enter have decided to highlight and erase their passwd. I can come along after these unscrupolous users and right click then paste their passwd back again. -Fiji CIT Stetson University Unix System Administrator -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.6.3a mQCNAzOSFEwAAAEEAJ/dkb5cymjDsl51GVBiugJW263udNqxQr6R40tJGNF3yTZ2 idP4K9Pxw/1D2LQ/tOdSLJYGX6x9Y5KqJ4ZtdRVnh4pbaYVcbCwLDyWg+iy/mCpj J2R5WMrVTsTdxA4g1nzYPg30IQhy7Ll4R3JhXa9lUm4j0pdM9RTsR6Z4DLQNAAUR tBBmYXlqQHN0ZXRzb24uZWR1iQCVAwUQM5IUTBTsR6Z4DLQNAQHsMAP9F8kHBgc6 jrB0XJ4qUn1ihdigQjF0S3PqOOu1uk1kMWI7obB54ORT4b1Dw7BqUirBohJPn+ka R89Ny0U95nZFX2WoQXDtRlqdVXAC9ZAoTpljiZpM7EtDWB4SXhsoXcb+1M7Lw5Un 14aq2b9YAUGryQy1ivkz8V9du4nUB/YkNLI= =q7uq -----END PGP PUBLIC KEY BLOCK----- On Mon, 30 Mar 1998, Jim Credland wrote:
Date: Mon, 30 Mar 1998 17:31:54 +0100 From: Jim Credland <jim () DEMON NET> To: BUGTRAQ () NETSPACE ORG Subject: Clipboard insecurity I don't know if this has been mentioned before, it was certainly new to Microsoft when I mentioned it too them. If you lock your workstation it's still possible to paste the contents of the clipboard buffer into the "User name" prompt. Not terribly clever for hiding what you've been doing. Microsoft acknowledge the problem but made no promises about fixing it. Obvious workaround. -- jim credland network security who can you trust? demon internet ltd
Current thread:
- Clipboard insecurity Jim Credland (Mar 30)
- Re: Clipboard insecurity Fiji (Mar 30)
- Eudora Pro/IE bugs Mike Zimmerman (Mar 30)