[4838] in bugtraq
Cleartext Password display in NS Communicator
daemon@ATHENA.MIT.EDU (Fred Albrecht)
Wed Jul 2 14:39:12 1997
Date: Wed, 2 Jul 1997 17:33:43 +0200
Reply-To: Fred Albrecht <fred@DOTCOM.FR>
From: Fred Albrecht <fred@DOTCOM.FR>
To: BUGTRAQ@NETSPACE.ORG
The following has been tested with Netscape Communicator 4.0 on NT 4 an=
d
4.0b4 on Linux with the same results :
Problem :
The plaintext password for a machine accessed through FTP is
displayed by Communicator in some cases :
Method for reproduction
1. start NS Communicator
2. enter a URL of the form =AB ftp://user@host =BB
3. fill in the password in the box that Communicator pops up
4. when the file list is displayed, follow the =AB Parent Directory =BB=
link
5. click =AB back =BB (seems to be optional in Linux)
The password is now plainly visible in the URL field :
=AB ftp://user:passwd@host =BB
This is of course a bad thing especially since JavaScript programs can
access the history list. I haven't had time to experiment with
JavaScript regarding this but I'm certain someone will :)
This has interesting potential.
Netscape has been notified of the problem.
Fred.
-- ----------------------------------------------------------
DotCom - Communication Num=E9rique
http://www.dotcom.fr mailto:info@dotcom.fr +33 01 46 67 51 00
"We use only the freshest handpicked electrons"
----------------------------------------------------------
