https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4598
Summary: Caching of logon info
Product: Wireshark
Version: 1.0.9
Platform: x86
OS/Version: Windows 2000
Status: NEW
Severity: Normal
Priority: Low
Component: Wireshark
AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
ReportedBy: gedropi@xxxxxxxxx
Build Information:
Version 1.0.9 (SVN Rev 29911)
Copyright 1998-2009 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled with GTK+ 2.12.8, with GLib 2.14.6, with WinPcap (version unknown),
with libz 1.2.3, without POSIX capabilities, with libpcre 7.0, with SMI 0.4.8,
with ADNS, with Lua 5.1, with GnuTLS 2.6.3, with Gcrypt 1.4.3, with MIT
Kerberos, with PortAudio V19-devel, with AirPcap.
Running on Windows 2000 Service Pack 4, build 2195, with WinPcap version 4.1
beta5 (packet.dll version 4.1.0.1452), based on libpcap version 1.0.0, without
AirPcap.
Built using Microsoft Visual C++ 6.0 build 8804
Wireshark is Open Source Software released under the GNU General Public
License.
Check the man page and http://www.wireshark.org for more information.
--
First:
I first log onto Windows machine
I log onto my Isp
I log into my proxy
Maybe do a few things online (eg. go to a few websites)
Then log into Wireshark
Next:
When launching WS, immediately the capture starts a DNS authentication trace
and an etherXXXXa* file with Windows & ISP usernames AND passwords is created.
Since I expect WS to be literal, I would expect that those actions that had
taken place in the past (logons & DNS authentication) would not be captured
since WS had not been started when I logged on. That means that this
information is being cached or worse somewhere. For my peace of mind, please
can you tell me about this security issue? Thank you.
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.