who the hell is duc? :enbyfied: :verifiedcat: (@duc)

@Dee@fedi.underscore.world

3y

Headline:

KeePass flaw allows retrieval of master password, PoC is public

Details:

In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer running.

way to bury the lead there

1

0

Dee

@Dee@fedi.underscore.world

3y

(FYI the PoC is here: github.com/vdohney/keepass-password-dumper)

1

0

1

who the hell is duc? :enbyfied: :verifiedcat: @duc@miau.jeder.pl

3y

@Dee > If your computer is already infected by malware that's running in the background with the privileges of your user, this finding doesn't make your situation much worse.

ah whew

0