Security researcher Tim Brown reported that Firefox discloses the
hostname and possibly the Windows domain through NTLM-based HTTP authentication when
sending type 3 messages as part of the authentication exchange. This is because the
Workstation
field is populated with the hostname of the system making the
request. An attacker can craft a malicious page to send a silent NTLM request that will
disclose the information without visibility in the client, leading to information
disclosure. This is mitigated because NTLM v1 is disabled by default configurations.