Closed Bug 286832 Opened 20 years ago Closed 20 years ago

If a user enters their password + any number of random characters, still authenticated

Categories

(Bugzilla :: User Accounts, defect)

Product:
Bugzilla
Component:
User Accounts
Platform:
x86
Linux
Type:
defect
Priority:
Not set
Severity:
major

Tracking

()

Status:
RESOLVED DUPLICATE of bug 211006

People

(Reporter: baver, Unassigned)

Details

User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.6) Gecko/20050306 Firefox/1.0.1 (Debian package 1.0.1-2) Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.6) Gecko/20050306 Firefox/1.0.1 (Debian package 1.0.1-2) When a user logs in, if he/she types in her password, then types any string in after that in the password text box, he/she is still authenticated. Reproducible: Always Steps to Reproduce: 1. Log out. 2. Type in your username and password to login 3. Type in random numbers/letters after your password 4. Log in. Actual Results: I logged into a 2.16.4/2.16.8 bugzilla, and this bugzilla (2.19.1+ at the time of this writing). Expected Results: Log in failure.
*** This bug has been marked as a duplicate of 211006 ***
Group: webtools-security
Status: UNCONFIRMED → RESOLVED
Closed: 20 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.