Network Security: Detailed info on Re: Capital One's website inadvertently assists phishing

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Vuln-Dev

[Top] [All Lists]

Re: Capital One's website inadvertently assists phishing

from [Allen Parker] Network Security

[Permanent Link]

Subject:	Re: Capital One's website inadvertently assists phishing
Date:	Tue, 19 Apr 2005 14:27:56 -0800

Just tested, seems fixed.

On 4/19/05, Joseph Barillari <bugtraq@barillari.org> wrote:

Capital One's website has an unchecked redirect. I'm used to seeing
these exploited by slashdot trolls (e.g., sending people to the goatse
picture when they think they're going to microsoft.com), but this is
the first case in which I've seen one at a bank's website.

<snip>

-- 
________________________________________
To avoid being added to my spam filter:
1. Utilize list replies unless otherwise requested.
2. If you DO send me a personal email, use english.
3. HTML isn't cute. It belongs on the web, not in my inbox.

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Capital One's website inadvertently assists phishing, Joseph Barillari Message not available Re: Capital One's website inadvertently assists phishing, Joseph Barillari Re: Capital One's website inadvertently assists phishing, Allen Parker <= RE: Capital One's website inadvertently assists phishing, Rager, Anton (Anton)

Previous by Date:	Re: Capital One's website inadvertently assists phishing, Joseph Barillari
Next by Date:	Annuaire Netref v4.2 [ fwrite php ] vulnerability, jaguar
Previous by Thread:	Re: Capital One's website inadvertently assists phishing, Joseph Barillari
Next by Thread:	RE: Capital One's website inadvertently assists phishing, Rager, Anton (Anton)
Indexes:	[Date] [Thread] [Top] [All Lists]