Flashget 0.9 - 1.2 Local DialUp Password Hi-Jacking

["Rafel Ivgi" <nuritrv18 () bezeqint net>]

Flashget 0.9 - 1.2 Local DialUp Password Hi-Jacking 
***************************************************
Discovered by Rafel Ivgi, The-Insider.
http://theinsider.deep-ice.com
(This Is My First Advisory!)

Whenever a user sets flashget to dial-up to the internet he types his
username &  password.
This sensitive data is being saved at the registery without no
encryption!.
It saved as hex data at the following location.

[HKEY_USERS\.DEFAULT\Software\JetCar\JetCar\DialUp]
"Entry"="<connection name>"
"UserName"="<dialup username>"
"Password"=hex:'<dialup password'<