CVE-2003-0046 Information

Description

AbsoluteTelnet SSH2 client does not clear logon credentials from memory including plaintext passwords which could allow attackers with access to memory to steal the SSH credentials.

Reference

http://marc.info/?l=bugtraq&m=104386492422014&w=2 http://www.celestialsoftware.net/telnet/beta_software.html http://www.idefense.com/advisory/01.28.03.txt http://www.osvdb.org/7686 http://www.securityfocus.com/bid/6725 http://www.securitytracker.com/id?1006013