Hancom Hancom Office 2007 Reboot.ini Clear-Text Passwords Vulnerability. CVE-1999-0372 . Local exploit for windows platform
source: http://www.securityfocus.com/bid/228/info During installation of BackOffice 4.0, a file called reboot.ini is created and stored in the \Program Files\Microsoft BackOffice directory. This file contains clear-text usernames and passwords for several services that may be created during installation. These services include: SQL Executive Logon, Exchange Services, and MTS Remote Administration (and potentially others). The File ACLs for this file are set to Everyone:Full Control. Clear-text usernames and passwords are stored in the \Program Files\Microsoft BackOffice\Reboot.ini file.