lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: gui at goddessmoon.org (Kevin Gerry)
Subject: Interesting side effect of the new IE patch

Actually- there is a registry key you can put in to change back to the 
'correct' user:pass@...t way of processing... So it DOES still have that in 
there to follow RFC- Just needs to be activated first.

(It's in a newer KB article.)

~

----- Original Message ----- 
From: "Andreas 'GlaDiaC' Schneider" <andreas.schneider@...ux-gamers.net>
To: "Schmehl, Paul L" <pauls@...allas.edu>
Cc: <full-disclosure@...ts.netsys.com>
Sent: Wednesday, February 04, 2004 6:00 PM
Subject: Re: [Full-Disclosure] Interesting side effect of the new IE patch


> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> The Netscape project is dead... you should check the Mozilla Suite or
> Mozilla Firebird :)
>
> http://www.mozilla.org/
>
> Schmehl, Paul L wrote:
> | Since the IE browser no longer allows the @ sign in a uri, you can no
> | longer download files from some vendors' sites.  Still works in Netscape
> | 7.1, however.  So far I've found three sites, but I haven't done an
> | extensive investigation.  These are just ones that I've stumbled across.
> | The most interesting one is NAI's download site for enterprise licensed
> | software packages.  (I suppose, if one was ambitious, one could google
> | for @?)
> |
> | I wonder how many other vendors are "cheating" on the RFCs to facilitate
> | browser interaction?
> |
> | Paul Schmehl (pauls@...allas.edu)
> | Adjunct Information Security Officer
> | The University of Texas at Dallas
> | AVIEN Founding Member
> | http://www.utdallas.edu/~pauls/
> |
> | _______________________________________________
> | Full-Disclosure - We believe in it.
> | Charter: http://lists.netsys.com/full-disclosure-charter.html
> |
> |
>
> - --
> http://www.linux-gamers.net - your online gaming resource
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.2 (GNU/Linux)
> Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
>
> iD8DBQFAIXmLf94+j/M+P8YRAoW/AJ97D0iN5k/ETOaDgX6zKw6bMyJ1HwCggj7u
> gPbxDI92Lv7A2kcU9vnQKYU=
> =oTA2
> -----END PGP SIGNATURE-----
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ