Insecure Permissions in .tin Directory Allow Password Disclosure

Insecure Permissions in .tin Directory Allow Password Disclosure

CVE-1999-1092 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

tin 1.40 creates the .tin directory with insecure permissions, which allows local users to read passwords from the .inputhistory file.

Learn more about our User Device Pen Test.