Microsoft Windows 'RunAs' Password Length Local Information Disclosure Vulnerability

The 'RunAs' application included with Microsoft Windows is prone to a local information-disclosure vulnerability that may reveal information about password lengths.

A local attacker may exploit this issue to gain information about user passwords. This may aid in further attacks, such as brute-force or dictionary attacks against passwords.


 

Privacy Statement
Copyright 2010, SecurityFocus