Serious issue with database login, a user may log in with a fictional password that begins with the actual password for the database ------------------------------------------------------------------------------------------------------------------------------------
Key: CORE-3933 URL: http://tracker.firebirdsql.org/browse/CORE-3933 Project: Firebird Core Issue Type: Bug Affects Versions: 2.1.3 Environment: Windows 7 x64 (Professional) Firebird 2.1.3 Reporter: jaymie.phillips The user is able to log in with a paswword that is an extended version of the password used for the database. example: if the password for the database is := masterkey then the user is able to log in with a password of := masterkeythisisthepasswordrighthere providing the username matches this is however does not appear to apply to the username field -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://tracker.firebirdsql.org/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira ------------------------------------------------------------------------------ Got visibility? Most devs has no idea what their production app looks like. Find out how fast your code is with AppDynamics Lite. http://ad.doubleclick.net/clk;262219671;13503038;y? http://info.appdynamics.com/FreeJavaPerformanceDownload.html Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel