Package: multisync Severity: grave Tags: security Version: 0.82-5 Hi,
while playing with an iPAQ 5500 and opie, i found out, that multisync profiles for opie (saved in ~/.multisync/<number>/opie_config.xml) have file permissions 644. This file contained my username for the iPAQ as well as it's password (in plain text) to connect to via ftp or sftp. As this leaks password information to everyone i set severity to grave. This bug is valid for stable and unstable. Greetings Martin -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
