Netscape Navigator non-secure form submission warning is disabled

Risk Level: Low risk vulnerability  Low

Check or Attack Name: Nav non-secure submission
Platforms: Windows 95, Solaris: 2.5.1, Windows NT: 4.0
Description:

The web browser displays no warning when submitting non-encrypted form data to the HTML page making the data request. A user may be unable to distinguish between encrypted and non-encrypted form data. Potentially sensitive data may be intercepted by packet sniffing.
Remedy:

Depending on your version, select one of the following choices in Netscape Navigator:

  • In Netscape Navigator 2.x, go to Security Preferences and enable Submitting a Form Insecurely.

    To set Security Preferences in Netscape Navigator 2.x, follow these steps:

    1. Open Netscape Navigator 2.x.
    2. From the Options menu, select Security Preferences.
    3. Locate the security feature and set it to the recommended value.
    4. Click OK.
  • In Netscape Navigator 3.x, from Security Preferences, go to the General section and enable Submitting a Form Insecurely.

    To set Security Preferences in Netscape Navigator 3.x, follow these steps:

    1. Open Netscape Navigator 3.x.
    2. From the Options menu, select Security Preferences.
    3. Click the General tab.
    4. Locate the security feature and set it to the recommended value.
    5. Click OK.
  • In Netscape Navigator 4.x, from Security Info, go to the Navigator section and enable Sending Unencrypted Information to a Site.

    To set Security Preferences in Netscape Navigator 4.x, follow these steps:

    1. Open Netscape Navigator 4.x.
    2. From the Window menu, select Security Info.
    3. Click Navigator.
    4. Locate the security feature and set it to the recommended value.
    5. Click OK.
    		•
    References:
    X-Force Logo
    Know Your Risks