GetDataBack Registry Cleartext License Information Disclosure

2005-04-05T23:51:14
ID OSVDB:15210
Type osvdb
Reporter Kozan(kozan@netmagister.com), ATmaCA(atmaca@icqmail.com)
Modified 2005-04-05T23:51:14

Description

Vulnerability Description

GetDataBack contains a flaw that may lead to an unauthorized information disclosure. The issue is due to information being stored in the registry unencrypted, which may disclose license information such as the username and license key, resulting in a loss of confidentiality.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

GetDataBack contains a flaw that may lead to an unauthorized information disclosure. The issue is due to information being stored in the registry unencrypted, which may disclose license information such as the username and license key, resulting in a loss of confidentiality.

References:

Vendor URL: http://www.runtime.org/ Security Tracker: 1013644 Other Advisory URL: http://osvdb.org/ref/15/15210-getdataback.txt ISS X-Force ID: 19967 CVE-2005-1098