Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Mon, 28 May 2012 05:09:17 GMT 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=2035614538&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Files%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2Ffiledesc%2Fsecunia-etsdisclose.txt.html%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.2035614538.1338181757.1338181757.1338181757.1%3B%2B__utmz%3D32867617.1338181757.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) http://packetstormsecurity.org/files/87087/secunia-etsdisclose.txt http://packetstormsecurity.org/files/87087/secunia-etsdisclose.txt http://packetstormsecurity.org/files/87087/Employee-Timeclock-Software-mysqldump-Password-Disclosure.html Wed, 10 Mar 2010 15:57:24 GMT Secunia Research has discovered security issue in Employee Timeclock Software, which can be exploited by malicious, local users to disclose sensitive information. The security issue is caused due to the application passing the database password via the command line to the "mysqldump" utility, which potentially can be exploited to disclose the password via the process list. Version 0.99 is affected.