Netscape for Mac OS Form Field Password Disclosure

2001-11-21T23:11:52
ID OSVDB:5524
Type osvdb
Reporter Eric Behr(behr@math.niu.edu )
Modified 2001-11-21T23:11:52

Description

Vulnerability Description

Netscape contains a flaw that may lead to an unauthorized password exposure. It is possible to gain access to plaintext passwords when a user enters a password into a password form field, and then that page is printed, which may lead to a loss of confidentiality.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

Netscape contains a flaw that may lead to an unauthorized password exposure. It is possible to gain access to plaintext passwords when a user enters a password into a password form field, and then that page is printed, which may lead to a loss of confidentiality.

References:

Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2001-11/0178.html ISS X-Force ID: 7593 CVE-2001-0921 Bugtraq ID: 3565