VULHUB ™

Windows 95 and 98 cache a user's name and password in plaintext in RAM. This feature was included for backwards compatibility with Windows for Workgroups, which implemented this mechanism for use with the 'net' program, which handled most network configuration requirements for the WfW OS. This feature can be exploited via specific function calls to retrieve another user's credentials. In order for this to work , the attacker must have console access to the target machine, and it must not have been rebooted since the last logout. Only the most recent user's credentials can be retrieved.

Windows 95 and 98 cache a user's name and password in plaintext in RAM. This feature was included for backwards compatibility with Windows for Workgroups, which implemented this mechanism for use with the 'net' program, which handled most network configuration requirements for the WfW OS. This feature can be exploited via specific function calls to retrieve another user's credentials. In order for this to work , the attacker must have console access to the target machine, and it must not have been rebooted since the last logout. Only the most recent user's credentials can be retrieved.