VULHUB ™

It has been reported that the Netscape Communicator roaming profile function stores sensitive user credentials in plaintext or easily disclosed format. This weakness may result in an attacker accessing sensitive user credentials that may be used in further attacks launched against the system. Conflicting details have been reported suggesting that perhaps this issue may be due to a user initiated configuration change and that password data may be encrypted using a trivial encryption method by default. This report is closely related to the issue described in BID 6215.

It has been reported that the Netscape Communicator roaming profile function stores sensitive user credentials in plaintext or easily disclosed format. This weakness may result in an attacker accessing sensitive user credentials that may be used in further attacks launched against the system. Conflicting details have been reported suggesting that perhaps this issue may be due to a user initiated configuration change and that password data may be encrypted using a trivial encryption method by default. This report is closely related to the issue described in BID 6215.