Vulners
Lucene search
KIK Messenger Password Disclosure
🗓️ 19 Apr 2013 00:00:00Reported by Wouter van RooijType 
packetstorm🔗 packetstormsecurity.com👁 35 Views
`KIK Messenger stores password in plain text
This is the conclusion of Mobile Security Company, a Dutch organisation
specialized in security audits of mobile applications.
The username and password are stored in the com.kik.chat.plist file.
This file can be viewed on a jailbroken device or when having access to the
iTunes backup.
Wouter van Rooij, iOS security expert at Mobile Security Company states that
storing passwords in plain text in a .plist file is by far the most unsafe
option to handle passwords.
Of course Mobile Security Company tried to report the issue to KIK
interactive, the organization behind KIK messenger.
Van Rooij is very surprised that KIK interactive didn't respond. It is in
the interest of all 50 million KIK messenger users that this issue will be
solved.
`
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
19 Apr 2013 00:00Current
7.4High risk
Vulners AI Score7.4