Vulnerability Development mailing list archives

Re: IE 5.0 vulnerability

From: davidu () ELECTRICITI COM (David U.)
Date: Sun, 24 Oct 1999 11:43:38 -0700

I have noticed this myself, however, on my IE 5.0, it only fills in the text type fields. (textbox, textarea, etc.) It 
does not enter passwords.  Are you sure that it also filled in the password?  If so, I would say it would be a problem 
for people who share their computers with others.  Also, I don't think it has anything to do with a cookie.  I am sure, 
just as with everything else it does, IE has some weird pseudo-registry DB which it stores all of those values in.
In any case, it is worth looking in to.
-davidu
  ----- Original Message ----- 
  From: Josh Burns 
  To: VULN-DEV () SECURITYFOCUS COM 
  Sent: Friday, October 22, 1999 2:20 PM
  Subject: IE 5.0 vulnerability

  I'm not sure if this has been announced yet, but here goes..  I am not sure if this is an IE 5 problem, or not, but 
when you have cookies enabled (default setting), and you use a service like AOLMail, Hotmail, or anything that requires 
a name and password, it is stored in a cookie for later use.  If the user closes IE, and then reopens it, and goes to 
the same page, and type in the first letter of their login name, a drop-down box will come up, with their user name in 
it, and you can click it.  Then, if the user clicks on the password field, it automatically fills in their password.  
I'm not sure what the cookie for this looks like, if the stored password is encrypted, or not, because I didn't have 
time to test.  This can most likely be fixed by going to Internet Options, and turning off cookies from all hosts.  
Please give me some feedback on this.

  Josh Burns

<!-- body="end" -->
<HR>

<UL>
<LI><STRONG>Next message:</STRONG> Crispin Cowan: "Re: possible gnome remote overflow"
<LI><STRONG>Previous message:</STRONG> David Schwartz: "Re: IE 5.0 vulnerability"
<LI><STRONG>In reply to:</STRONG> Josh Burns: "IE 5.0 vulnerability"
<LI><STRONG>Next in thread:</STRONG> Josh Burns: "Re: IE 5.0 vulnerability"
</UL>
<HR>

<SMALL>

This archive was generated by hypermail 2.0b3 
on Sun Oct 24 1999 - 14:07:55 CDT</EM>
</EM>
</SMALL>
</BODY>
</HTML>

Current thread:

IE 5.0 vulnerability Josh Burns (Oct 22)
- Re: IE 5.0 vulnerability David Schwartz (Oct 24)
- Re: IE 5.0 vulnerability Blue Boar (Oct 24)
- Re: IE 5.0 vulnerability David U. (Oct 24)
- Re: IE 5.0 vulnerability Mike Malouf (Oct 25)
- <Possible follow-ups>
- Re: IE 5.0 vulnerability Josh Burns (Oct 24)
- Re: IE 5.0 vulnerability -wb (Oct 26)
- Re: IE 5.0 Vulnerability Bill Weiss (Oct 26)