Full Disclosure: Re: Slashdot: Gmail Accounts Vulnerable to XSS Exploit

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Full Disclosure mailing list archives

Re: Slashdot: Gmail Accounts Vulnerable to XSS Exploit

From: n3td3v <xploitable () gmail com>
Date: Sat, 30 Oct 2004 13:37:47 +0100

On Sat, 30 Oct 2004 13:47:30 +0200, Shoshannah Forbes <xslf () xslf com> wrote:

"A security hole in GMail has been found (an XSS vulnerability) which
allows access to user accounts without authentication. What makes the
exploit worse is the fact that changing passwords doesn't help. The full
details of the exploit haven't been disclosed"
http://slashdot.org/article.pl?sid=04/10/29/1830247
--
Shoshannah Forbes
http://www.xslf.com


This topic has already been post on FD hours and hours ago.

I guess the security professionals are getting over excited about this
stuff because they don't have the exploit :-)

Thanks,

n3td3v

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

By Date By Thread

Current thread:

Slashdot: Gmail Accounts Vulnerable to XSS Exploit Shoshannah Forbes (Oct 30)
- Re: Slashdot: Gmail Accounts Vulnerable to XSS Exploit n3td3v (Oct 30)
- Re: Slashdot: Gmail Accounts Vulnerable to XSS Exploit Calum Power (Oct 30)
  - Re: Slashdot: Gmail Accounts Vulnerable to XSS Exploit morning_wood (Oct 30)
    - Re: Slashdot: Gmail Accounts Vulnerable to XSS Exploit Calum Power (Oct 30)
    - Re: Slashdot: Gmail Accounts Vulnerable to XSS Exploit morning_wood (Oct 30)
    - Re: Slashdot: Gmail Accounts Vulnerable to XSS Exploit n3td3v (Oct 30)