Bugtraq mailing list archives
Re: Cleartext Password display in NS Communicator
From: holger () TLNET DE (Holger Kanzog)
Date: Wed, 2 Jul 1997 19:55:52 +0200
On Wed, 2 Jul 1997, Fred Albrecht wrote:
The following has been tested with Netscape Communicator 4.0 on NT 4 and 4.0b4 on Linux with the same results :
[..]
The password is now plainly visible in the URL field :
« ftp://user:passwd@host »
Appendix to my previous message: It happens only when connecting over proxy Squid (1.1.10) and it appears also in Squid's access.log. Holger PGP-public-key: http://www.tlnet.de/holger.asc PGP-fingerprint: 2A AE 66 7B 25 C6 0E 21 5A C5 42 E4 A0 53 59 DD
Current thread:
- Cleartext Password display in NS Communicator Fred Albrecht (Jul 02)
- Re: Cleartext Password display in NS Communicator Holger Kanzog (Jul 02)
- Re: Cleartext Password display in NS Communicator Fred Albrecht (Jul 02)
- Re: Cleartext Password display in NS Communicator Oskar Pearson (Jul 03)
- BugTraq Web Archive Aleph One (Jul 02)
- gcc port of IIServerSlayer Andrea Arcangeli (Jul 02)
- Solaris 2.5 syslog startup failure Lauren P. Burka (Jul 02)
- Vulnerability in GlimpseHTTP - more notes Razvan Dragomirescu (Jul 02)
- ircd exploit Aaron Campbell (Jul 02)
- Re: Cleartext Password display in NS Communicator Fred Albrecht (Jul 02)
- Re: Cleartext Password display in NS Communicator Holger Kanzog (Jul 02)