[Bug 29893] New: Login credentials over network in Clear-text

bugzilla-daemon Thu, 14 Jul 2011 00:33:33 -0700

https://bugzilla.wikimedia.org/show_bug.cgi?id=29893


       Web browser: ---
             Bug #: 29893
           Summary: Login credentials over network in Clear-text
           Product: MediaWiki
           Version: 1.17
          Platform: PC
        OS/Version: Windows XP
            Status: NEW
          Severity: critical
          Priority: Unprioritized
         Component: User preferences
        AssignedTo: [email protected]
        ReportedBy: [email protected]
                CC: [email protected]
    Classification: Unclassified


Created attachment 8781
  --> https://bugzilla.wikimedia.org/attachment.cgi?id=8781
MSword file showing PoC for the bug

Packet capture over the network using wireshark, reveals that wikipedia login
credentials are passed over the network in clear text and can be seen by
anybody monitoring the network.

-- 
Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
You are on the CC list for the bug.

_______________________________________________
Wikibugs-l mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/wikibugs-l

[Bug 29893] New: Login credentials over network in Clear-text

Reply via email to