It could recover many kinds of passwords using methods such as network packet sniffing, cracking various password hashes by using methods such as dictionary attacks, brute force and cryptanalysis attacks.

[1] Cryptanalysis attacks were done via rainbow tables which could be generated with the winrtgen.exe program provided with Cain and Abel.

Some virus scanners (and browsers, e.g. Google Chrome 20.0.1132.47) detect Cain and Abel as malware.

detects it as "Win32:Cain-B [Tool]" and classifies it as "Other potentially dangerous program",[4] while Microsoft Security Essentials detects it as "Win32/Cain!4_9_14" and classifies it as "Tool: This program has potentially unwanted behavior."

Symantec (the developer of the Norton family of computer security software) identified a buffer overflow vulnerability in version 4.9.24 that allowed for remote code execution in the event the application was used to open a large RDP file, as might occur when using the program to analyze network traffic.