Category:   Application (Generic)  >   Grub Web Crawler
Vendors:   LookSmart, Ltd.
Grub Web Crawler Discloses Password to Local Users
SecurityTracker Alert ID:  1007182
SecurityTracker URL:
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Jul 14 2003
Impact:   Disclosure of authentication information, User access via local system
Fix Available:  Yes  Vendor Confirmed:  Yes  Exploit Included:  Yes  
Version(s): 1.3.7
Description:   A vulnerability was reported in the Grub web crawler. A local user can view passwords. The report warned that the software stores user passwords in plain text within the Windows registry. A local user can view the 'userEmail' and 'userPassword' elements of the 'HKEY_CURRENT_USER\Software\VB and VBA Program Settings\GrubClient\Settings' key to see the passwords.

The vendor was reportedly notified on June 4, 2003 and responded the same day.

Impact:   A local user can view the user passwords.
Solution:   The vendor has reportedly issued a fixed version (1.4.3), available at:

Vendor URL: (Links to External Site)
Cause:   Access control error
Underlying OS:  Windows (Any)

Message History:   None.
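
The check below is an added example, not part of the advisory or the vendor's code: it scans `reg export` text for non-empty plain-string 'userEmail' and 'userPassword' values under the key named in the description, reporting only the value name and length. The sample export and the `ExampleApp` key are constructed for illustration.

```python
import re

# Key and value names are the ones named in the description above.
GRUB_KEY = r"HKEY_CURRENT_USER\Software\VB and VBA Program Settings\GrubClient\Settings"
CREDENTIAL_VALUES = {"useremail", "userpassword"}

# Constructed sample of `reg export` text; not data from a real system.
SAMPLE_EXPORT = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\VB and VBA Program Settings\GrubClient\Settings]
"userEmail"="someone@example.test"
"userPassword"="constructed-secret"
"crawlRate"="5"

[HKEY_CURRENT_USER\Software\ExampleApp\Settings]
"userPassword"=hex:01,02,03
'''

KEY_RE = re.compile(r"^\[(?P<key>[^\]]+)\]\s*$")
# REG_SZ lines look like "name"="data", with \ and " backslash-escaped.
STRING_RE = re.compile(r'^"(?P<name>(?:[^"\\]|\\.)*)"="(?P<data>(?:[^"\\]|\\.)*)"\s*$')


def find_plaintext_credentials(export_text):
    """Return (key, value name, length) for non-empty REG_SZ credential values
    under the GrubClient Settings key. The stored secret is never returned."""
    findings, current_key = [], None
    for line in export_text.splitlines():
        m = KEY_RE.match(line)
        if m:
            current_key = m.group("key")
            continue
        m = STRING_RE.match(line)
        if not m or current_key is None:
            continue
        if current_key.lower() != GRUB_KEY.lower():  # registry paths are case-insensitive
            continue
        name = m.group("name")
        data = re.sub(r"\\(.)", r"\1", m.group("data"))  # undo .reg escaping
        if name.lower() in CREDENTIAL_VALUES and data:
            findings.append((current_key, name, len(data)))
    return findings


if __name__ == "__main__":
    for key, name, length in find_plaintext_credentials(SAMPLE_EXPORT):
        print(f"{key}: {name} stored as plain REG_SZ ({length} chars)")
```

Files written by `reg export` are UTF-16 encoded, so decode them with `encoding="utf-16"` before passing the text to the function.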

 Source Message Contents

Subject:  [0day] Grub Distributed Client - Cleartext Passwords

-= 0day - Freedom of Voice - Freedom of Choice =-

          - EXPL-A-2003-016 Advisory 016
       -=- Looksmart / Grub Distributed Webcrawling Client -=-

Donnie Werner

1.local clear user / password in windows registry


grub-client-1.3.7.exe   May 12, 2003   May 12, 2003

Not Vulnerable:
grub-client-1.4.3.exe [CURRENT] Jul 2, 2003 [CURRENT]  Jul 2, 2003
patch-to-1.4.3.exe [CURRENT]  Jul 2, 2003 [CURRENT]  Jul 2, 2003

Description of product:
 "Grub uses the power of distributed computing to build the best search on the Web. It automatically crawls the Web in the background, borrowing your computer's spare clock cycles, so you won't even notice it's there. The download is quick, you control how much you crawl, and the cool screensaver shows you the real-time progress your computer is making. You can even compare your stats to other Grubsters in the project! Help perfect the search engine. Join the Grub project today!"

Company Profile:
"LookSmart is a leader in Search Targeted Marketing. Through its innovative LookListingsTM suite of commercial search listings products and graphical advertising products, LookSmart enables large and small businesses alike to expose their products and services to customers at the precise moment they're searching for that very thing. The result is a better search experience for the user, as well as highly qualified leads and lower customer acquisition costs for the business. The LookSmart network reaches 77%* of Internet users, and includes Microsoft's MSN, Excite@Home, AltaVista, Netscape Netcenter, Inktomi, Prodigy, Juno,, Road Runner, Cox Interactive Media, InfoSpace (Go2Net, Dogpile, MetaCrawler) and Ask Jeeves."
*Media Metrix June 2001 Digital Media Audience Ratings

David Lidsky,1377,58497,00.html


Passwords and user names are stored cleartext inside registry under Windows OS

Subkey ( data )

HKEY_CURRENT_USER\Software\VB and VBA Program

Vendor Fix:
upgrade to..

Vendor Contact:
June 4 2003 left a message at Tel: 415.348.7000 @3am advising them of my impending release at 12pm.

Callback 9:10am from corp office.
kord campel 415-348-7691

Vendor knows and is working on the issue.

July 10 2003 Installed new client and note issue resolved.

Donnie Werner "finding your holes is job one, and plugging them twice the fun"

Original Advisory at
This Advisory is at

0day mailing list

