lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Tue, 3 Feb 2004 20:26:30 +0300
From: 3APA3A <3APA3A@...URITY.NNOV.RU>
To: "McAllister, Andrew" <McAllisterA@...ystem.edu>
Cc: bugtraq@...urityfocus.com
Subject: Re: MS to stop allowing passwords in URLs


Dear McAllister, Andrew,


--Thursday, January 29, 2004, 1:54:00 AM, you wrote to bugtraq@...urityfocus.com:



MA> Anyone have any comments regarding legitimate uses of this syntax and
MA> Microsoft removing it from their browser? (and presumably the OS since
MA> the browser IS the OS).

ftp://user:pass@...e

is  _only_  way  to  authenticate  FTP through HTTP proxy (if not given,
proxy always use anonymous).

-- 
~/ZARAZA
Всегда будем рады послушать ваше чириканье (Твен)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ