Network Security: Detailed info on Re: [Full-Disclosure] Slashdot: Gmail Accounts Vulnerable to XSS Exploit

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security FullDisclosure

[Top] [All Lists]

Re: [Full-Disclosure] Slashdot: Gmail Accounts Vulnerable to XSS Exploit

from [n3td3v] Network Security

[Permanent Link]

Subject:	Re: [Full-Disclosure] Slashdot: Gmail Accounts Vulnerable to XSS Exploit
Date:	Sat, 30 Oct 2004 13:37:47 +0100

On Sat, 30 Oct 2004 13:47:30 +0200, Shoshannah Forbes <xslf@xslf.com> wrote:

"A security hole in GMail has been found (an XSS vulnerability) which
allows access to user accounts without authentication. What makes the
exploit worse is the fact that changing passwords doesn't help. The full
details of the exploit haven't been disclosed"
http://slashdot.org/article.pl?sid=04/10/29/1830247
--
Shoshannah Forbes
http://www.xslf.com


This topic has already been post on FD hours and hours ago.

I guess the security professionals are getting over excited about this
stuff because they don't have the exploit :-)

Thanks,

n3td3v

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
[Full-Disclosure] Slashdot: Gmail Accounts Vulnerable to XSS Exploit, Shoshannah Forbes Re: [Full-Disclosure] Slashdot: Gmail Accounts Vulnerable to XSS Exploit, n3td3v <= Re: [Full-Disclosure] Slashdot: Gmail Accounts Vulnerable to XSS Exploit, Calum Power Re: [Full-Disclosure] Slashdot: Gmail Accounts Vulnerable to XSS Exploit, morning_wood Re: [Full-Disclosure] Slashdot: Gmail Accounts Vulnerable to XSS Exploit, Calum Power Re: [Full-Disclosure] Slashdot: Gmail Accounts Vulnerable to XSS Exploit, morning_wood Re: [Full-Disclosure] Slashdot: Gmail Accounts Vulnerable to XSS Exploit, n3td3v Re: [Full-Disclosure] Slashdot: Gmail Accounts Vulnerable to XSS Exploit, Nancy Kramer Re: [Full-Disclosure] Slashdot: Gmail Accounts Vulnerable to XSS Exploit, n3td3v Re: [Full-Disclosure] Slashdot: Gmail Accounts Vulnerable to XSS Exploit, Jesse Ruderman

Previous by Date:	[Full-Disclosure] Slashdot: Gmail Accounts Vulnerable to XSS Exploit, Shoshannah Forbes
Next by Date:	Re: [Full-Disclosure] Slightly off-topic: www.georgewbush.com, n3td3v
Previous by Thread:	[Full-Disclosure] Slashdot: Gmail Accounts Vulnerable to XSS Exploit, Shoshannah Forbes
Next by Thread:	Re: [Full-Disclosure] Slashdot: Gmail Accounts Vulnerable to XSS Exploit, Calum Power
Indexes:	[Date] [Thread] [Top] [All Lists]