Bugtraq mailing list archives
Re: Demarc Puresecure v1.6 - Plaintext password issue -
From: David Barroso <dbarroso () s21sec com>
Date: Thu, 22 May 2003 12:06:33 +0200
On Wed, 21 May 2003 12:17:57 -0700 "Ryan Purita" <ryan () totally-connected com> wrote: The file psd.conf should be owned by root and its mode 600. Only if a person gets root access in that box, she could read the password. Lots of applications relay on that, for instance, snort, which is used by Demarc PureSecure, stores the SQL password in plain text in snort.conf.
Current thread:
- Demarc Puresecure v1.6 - Plaintext password issue - Ryan Purita (May 21)
- Re: Demarc Puresecure v1.6 - Plaintext password issue - David Barroso (May 23)
- Re: Demarc Puresecure v1.6 - Plaintext password issue - Kurt Seifried (May 24)
- Re: Demarc Puresecure v1.6 - Plaintext password issue - David Barroso (May 23)