Mozilla Firefox cleartext password leak
news
/
advisories
/
forum
/
software
/
advertising
/
search
/
exploits
[EN]
securityvulns.ru
no-pyccku
Mozilla Firefox cleartext password leak
updated since 20.07.2005
Published:
14.09.2005
Source:
3APA3A
SecurityVulns ID:
5019
Type:
m-i-t-m
Level:
5
/10
Description:
Weak authentication algorithm may be choosen by browser even if stronger one is supported by server.
Affected:
MOZILLA
:
Firefox 1.0
Original document
3APA3A
,
Mozilla / Mozilla Firefox authentication weakness
(
14.09.2005
)
3APA3A
,
Mozilla cleartext credentials leak bug report to excuse myself (Re[2]: NTLM HTTP Authentication is insecure by design - a new writeup by Amit Klein)
(
20.07.2005
)
Files:
Mozilla authentication weakness demonstration
Bugzilla Bug 281851 Wrong scheme used when server offers both Basic and Digest auth [rfc2617 obsoletes rfc2068]
Discuss:
Read or add your comments to this news (0 comments)
About
|
Terms of use
|
Privacy Policy
©
SecurityVulns
,
3APA3A
, Vladimir Dubrovin
Nizhny Novgorod
Enter your search terms
Web
securityvulns.com
Submit search form
