Solving B from h(A || P) with h = MD5

[eon...@gmail.com]

On the code-base I am working with I came across a method to create
one-off authentication URIs with format OneOff(A) = A || h(A || P)
where A is the requested URI with username and other information and P
that user's password.
I am now wondering that is there a way to crack this sort of scheme
faster than using brute-force? What I've gathered from different
articles and web sites discussing collisions in MD5, the
vulnerabilities are only in form where given arbitrarty prefixes A_1
and A_2 one can find suffixes that produce same hash for both
plaintexts.

So does some vulnerability in MD5 give faster way to calculate the pre-
image given that we know quite a lot about it? What I've understood
from ideal one-way hash functions, this should not be the case but I
really haven't quite absorbed everything about MD5 tunnels.