[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Slashdot: Gmail Accounts Vulnerable to XSS Exploit

To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: Re: [Full-Disclosure] Slashdot: Gmail Accounts Vulnerable to XSS Exploit
From: n3td3v <xploitable@xxxxxxxxx>
Date: Sat, 30 Oct 2004 13:37:47 +0100

On Sat, 30 Oct 2004 13:47:30 +0200, Shoshannah Forbes <xslf@xxxxxxxx> wrote:
> "A security hole in GMail has been found (an XSS vulnerability) which
> allows access to user accounts without authentication. What makes the
> exploit worse is the fact that changing passwords doesn't help. The full
> details of the exploit haven't been disclosed"
> http://slashdot.org/article.pl?sid=04/10/29/1830247
> --
> Shoshannah Forbes
> http://www.xslf.com

This topic has already been post on FD hours and hours ago.

I guess the security professionals are getting over excited about this
stuff because they don't have the exploit :-)

Thanks,

n3td3v

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- [Full-Disclosure] Slashdot: Gmail Accounts Vulnerable to XSS Exploit
  - From: Shoshannah Forbes

Prev by Date: [Full-Disclosure] [OpenPKG-SA-2004.045] OpenPKG Security Advisory (mysql)
Next by Date: Re: [Full-Disclosure] Slightly off-topic: www.georgewbush.com
Previous by thread: [Full-Disclosure] Slashdot: Gmail Accounts Vulnerable to XSS Exploit
Next by thread: Re: [Full-Disclosure] Slashdot: Gmail Accounts Vulnerable to XSS Exploit
Index(es):
- Date
- Thread