>1) Password disclosure >What priviledges on the system do you need to >read that process memory?
>With such priviledges, why don't you read the >data directly from the >config file? You can try to use the evil's ProcessMemoryDumper. I dumped (and I've obtained user password) the memory from a limited User. >2) Local Dos >Is the build unoficial/unsupported from the XChat >team? Does the same >bug exists in the official builds? I've not tested the Official release. >You talk about a local dos.. how can a user access >the tray icon of >another user to trigger the crash? The "bug" was found while I was working in a VPN.. Regards.
