Cisco Mac OS VPN 5000 Client Password Disclosure Vulnerability

info
discussion
exploit
solution
references

Cisco Mac OS VPN 5000 Client Password Disclosure Vulnerability

The Cisco VPN 5000 Client on Mac OS saves configuration information for the default connection in the resource fork of the preferences file. Authentication credentials for the most recent login are included in the configuration. A tool such as ResEdit may be used to extract this information.