Slashdot Mirror


Password Vulnerability In Firefox 2.0.0.5

Paris The Pirate writes "According to a message posted over the weekend on the Full-Disclosure mailing list, the latest version of Firefox, 2.0.0.5, contains a password management vulnerability that can allow malicious Web sites to steal user passwords. If you have JavaScript enabled and allow Firefox to remember your passwords, you are at risk from this flaw."

12 of 176 comments (clear)

  1. Or Firefox for that matter by benhocking · · Score: 3, Funny

    All the truly intelligent people use Lynx.

    --
    Ben Hocking
    Need a professional organizer?
  2. Low security passwords by benhocking · · Score: 3, Funny

    Eh. Depends on what passwords you set it to remember. There are a ton of BS passwords that I don't give a damn if someone steals.
    Absolutely. My Slashdot password, for example, is one that I allow Firefox to remember. Er, not that I'm claiming Slashdot is BS or anything. ;)
    --
    Ben Hocking
    Need a professional organizer?
  3. Re:Wimp by dattaway · · Score: 4, Funny

    telnet is for weenies.

    netcat is for men.

  4. Please Help!! by The+Real+Normal+Dan · · Score: 5, Funny

    Very funny you jerk! You steal my password, then mock me on my slashdot account! Is there an admin around? -The Real Normal Dan

  5. Stealing passwords? Hardly... by goldspider · · Score: 4, Funny

    This isn't theft, it's liberation! Information (including passwords) wants to be free!

    --
    "Ask not what your country can do for you." --John F. Kennedy
  6. Re:Wimp by Anonymous Coward · · Score: 5, Funny

    i just attach the cables to my nipples and decode the packets manually.

  7. Re:Password Remember Function by Tridus · · Score: 4, Funny

    I knew Post It Notes were more secure!

    --
    -- "So they told me that using the download page to download something was not something they anticipated." - Bill Gates
  8. Re:Is this OS independent? by PPH · · Score: 4, Funny

    Memo to self: Take my /. password, 'ImADork' off my bank account.

    --
    Have gnu, will travel.
  9. Re:Do not save passwords by eln · · Score: 4, Funny

    Pretty much all text is plane text. Unless it's 3 dimensional I guess.

  10. Re:Wimp by rleibman · · Score: 5, Funny

    i just attach the cables to my nipples and decode the packets manually.

    Yeah, but can you generate outbound traffic?

  11. Re:Is this OS independent? by Anonymous Coward · · Score: 3, Funny

    I already changed your bank password for ya.

    Dork.

  12. Re:Is this OS independent? by RealGrouchy · · Score: 5, Funny

    I haven't RTFA (after all, this is Slashdot), but are all OSes equally vulnerable? I can confirm that it works on Linux. TFA, or the vulnerability?

    - RG>
    --
    Hey pal, this isn't a pleasantforest, so don't waste my time with pleasantries!