12-26-2007, 03:06
|
#1
|
|
Stalker
Posts: 2,553
Blog Entries: 13Gender:  Ingame: Avatar Name:
Sunnata Thoreau Annata
Soc: Viva la Swamp Camp
Location: On a EU break.
EFD: 3,938.66
Reputation: Exceptional
Fame: 218
Achievements: 4
Style:
|
For those of you that use Gmail - be careful.
Quote:
|
The victim visits a page while being logged into GMail. Upon execution, the page performs a multipart/form-data POST to one of the GMail interfaces and injects a filter into the victim’s filter list. In the example above, the attacker writes a filter, which simply looks for emails with attachments and forwards them to an email of their choice. This filter will automatically transfer all emails matching the rule. Keep in mind that future emails will be forwarded as well. The attack will remain present for as long as the victim has the filter within their filter list, even if the initial vulnerability, which was the cause of the injection, is fixed by Google.
|
WARNING: Google’s GMail security failure leaves my business sabotaged :: David Airey :: Graphic and Logo Designer
Read the post at the above website. Incredible stuff. |
|
|
__________________
Arrived on Calypso 12-26-2003. There is one god MA (pronounced MAh) and Marco is her prophet.
|
|
|