Closed Bug 228540 Opened 19 years ago Closed 19 years ago
[bug-hacker] URL permits a "Phishing Scam" of password and personal data
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.6b) Gecko/20031208 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.6b) Gecko/20031208 This is a not bug, but one fail of http url. Here in brazil, some crackers has been used a url feature of browsers, to do this : http://firstname.lastname@example.org/ in link of variety of fake mails to people think that is a true mail of bank (or other financial agency) to phishing passwords and other personal data. I dont know if there are solution to this problem, but I believe that in short time, so much crackers will be use this form to create fake URL. Thanks a lot, Reproducible: Always Steps to Reproduce: 1.open mozilla 2.type in URL : http://www.site.com%01%00@name-or-ip-addres-of-http-server/ 3.Done. Actual Results: people can be deceived by a false URL. Expected Results: deny access using this techinique.
*** This bug has been marked as a duplicate of 228176 ***
Status: UNCONFIRMED → RESOLVED
Closed: 19 years ago
Resolution: --- → DUPLICATE
Status: RESOLVED → VERIFIED
-> XP aps
Component: Keyboard: Navigation → XP Apps
You need to log in before you can comment on or make changes to this bug.