WinMySQLadmin Plain Text Password Storage Vulnerability

info
discussion
exploit
solution
references

WinMySQLadmin Plain Text Password Storage Vulnerability

A vunerability exists in WinMySQLadmin 1.1 that may result in the disclosure of sensitive authentication information for MySQL.

If a local user gained access to the 'my.ini' file, it is possible to retrieve configuration and authentication information for MySQL. The contents of this file are in plain text.