Re: Nortel VPN Client Issue: Clear-text password stored in memory

[Burak DAYIOGLU <dayioglu () metu edu tr>]

Roy,
I read your advisory regarding the Norvel VPN client. If I am not 
mistaken, the authentication keys are stored in the registry hive 
HKEY_CURRENT_USER (per user key stores).

If it is so, you should start the VPN client as the victim user to 
attack the process memory image (or else you have to be administrator).

Am I missing something?

regards,
-bd
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/