Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Security flaw in Full Disclosure mailing list

From: Brandon Perry <bperry.volatile () gmail com>
Date: Wed, 2 Apr 2014 17:31:41 -0500
Actually, most email clients now can filter out your plain texts passwords.

For instance, my password is hunter2, but you will only ever see *********.
Email has worked this way for ages now.


On Wed, Apr 2, 2014 at 4:38 PM, Michal Zalewski <lcamtuf () coredump cx> wrote:


-                table.append(fmt % (listaddr, password, optionsurl))
+                table.append(fmt % (listaddr, "********", optionsurl))


That doesn't work if my password is "********".

/mz

_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/





-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website

_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
Previous By Date Next
Previous By Thread Next

Current thread: