264578 - email passwords from other accounts are sent when retrieving RSS feeds

Status: RESOLVED INVALID

(MailNews Core :: Feed Reader, defect)

Description

[Mike Hamel]

User-Agent:       Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.2) Gecko/20040820 Debian/1.7.2-4
Build Identifier: Thunderbird version 0.8 (20040913)

I trapped packets containing my email account password, during a communications
session where T'bird is checking RSS feeds. Using Sygate personal firewall I
trapped a group of packets to watch the communications involved in RSS, when I
noticed my email password being used in the process. 

Reproducible: Couldn't Reproduce
Steps to Reproduce:
1. Enable a packet logger
2. Refresh the RSS feeds to wired.com and netflix.com
3. Open the packet log

Actual Results:  
Found a packet containing my work email password with destination set to the
aforementioned web sites, port 80

Expected Results:  
..not transmit my email password despite the fact that the site is not looking
for it. 

The only other possibility might be that it is a bug in Sygate personal firewall
that incorrectly reports packet information, but the hex dump of the packet
containing my password had the wired.com and netflix.com IP address as the
destination. I have yet to successfully re-produce it. I've run spybot S&D, and
Adaware, and scanned with NortonAV, and find no virii or adware.

Thanks for your help, and I sincerely hope it is not a red-herring.
Mike

Comment 1

[Daniel Veditz [:dveditz] (OOO: back Aug 26)]

Need to confirm this bug, or close it. Nominating because we want to know which
one for sure before we ship.

Comment 2

[Asa Dotzler [:asa]]

restoring nomination.

Comment 3

[Mike Hamel]

Bug is in an older version of Sygate personal Firewall that does not correctly
display log which applications are initiating communications. Not Mozilla's problem.