Vulnerability Development mailing list archives
Re: Timbuktu32
From: root () RGFSPARC CR USGS GOV (Robert G. Ferrell)
Date: Tue, 5 Oct 1999 08:08:49 -0500
Here's a few bits of weirdness I've noticed with Timbuktu. Someone sent an internal email noting that the passwords would show up. I.e. if someone had connected to your machine, and you pulled up the app after, there was their password showing in the clear.....I think it was build 635 that did this.
For further elucidation, here's the transcript of a message I sent to Netopia about this issue back in May: ========================================================================= Original Message (05/04/99 at 07:37:14): System: Micron GoBook2 Pentium II 96 MB RAM OS: Windows 98 (4.10) 3Com Megahertz LAN + 56K Modem PC Card RE: Timbuktu Pro 32, build 503 Whenever I start Timbuktu, in the TCP/IP tab the first TCP/IP Address entry is always my Windows Client logon password, in plain text. I've tracked this to HKEY_LOCAL_MACHINE\Software\Netopia\Timbuktu Pro\NetPlaces in the registry and removed it, but it comes right back the next time I reboot, even if I don't logon to the machine as myself. I've never entered this as an "IP address' when connecting to remote systems; in fact, I use IP addresses exclusively (no hostnames). I'm a little concerned about this as a possible security risk. Thanks for you attention. From: Ask_Netopia () netopia com <mailto:Ask_Netopia () netopia com> [SMTP:Ask_Netopia () netopia com] <mailto:[SMTP:Ask_Netopia () netopia com]> Sent: Tuesday, May 04, 1999 8:17 PM To: Robert G Ferrell, San Antonio, TX Subject: Tech Supp / Timbuktu Pro 32 Hello Robert, Thanks for your email. We have resolved this problem with the latest build of Timbuktu Pro 32 (build 650). You can get a free upgrade to build 650 from our web site: <http://www.timbuktupro.com/software/tb2/win/upgrades.html <http://www.timbuktupro.com/software/tb2/win/upgrades.html> >. Regards, Lauren Netopia, Inc. Netopia Virtual Office and Timbuktu NT, Windows and Mac Software Tech Support EMAIL: techsports () netopia com <mailto:techsports () netopia com> WORLD WIDE WEB: <http://www.netopia.com <http://www.netopia.com> > ANONYMOUS FTP: <ftp://ftp.netopia.com/pub <ftp://ftp.netopia.com/pub> > PHONE: 510-814-5000 6:00 a.m. - 5:30 p.m. PST FAX DIRECT: 510-814-5023 FAX BACK SERVER: 510-814-5040 24 hours Netopia Reference Codes ------------------------ Person#:1318455 Vent#:1691371 Email#:3039657 ----------*---------- ============================================================================ Robert G. Ferrell Internet Technologist National Business Center, US DoI Robert_G_Ferrell () nbc gov ********************************** **** I hack, therefore I am ****** **********************************
Current thread:
- Timbuktu32 Blue Boar (Oct 04)
- <Possible follow-ups>
- Re: Timbuktu32 Robert G. Ferrell (Oct 05)