NEWS - June 27, 2012
by Carol~ - 6/27/12 8:13 AM
Researcher Warns Of Security Hole In KeePass Password Manager
Users of the free, open source KeePass password manager got unwelcome news on Tuesday, after a private security researcher claimed to have discovered a remotely exploitable security hole that could give an attacker access to unencrypted user passwords. However, KeePass's creator calls the hole minor, and unlikely to be used in an attack.
Researcher Benjamin Kunz Mejri of Vulnerability Lab said in an e-mail to Threatpost that he had discovered the hole in a software filter and validation feature in KeePass Password Manager up to and including v1.22. If exploited, the hole would enable an attacker with access to a machine running the KeePass software to inject malicious script by passing the html/xml export feature a specially crafted file.
A successful attacker would need a manipulated URL with malicious script code, a logging server with read, write and execute (chmod 777) permissions, a listing file and a valid keePass v1.22 user (aka: the victim), Kunz Mejri wrote. Once exploited, the hole gives the attacker the ability to steal plain password lists, among other attacks, Kunz Mejri warned.
Continued : http://threatpost.com/en_us/blogs/researcher-warns-security-hole-keepass-password-manager-062712
Also: Vulnerability in KeePass Allows Hackers to Steal Password Lists, Experts Find