mailing list archives
Google Groups e-mail disclosure in plain text
From: n3td3v <n3td3v () gmail com>
Date: Tue, 18 Apr 2006 20:21:47 +0100
Google Inc (GOOG).
Google has an archive of Usenet since 1981 on its network. However,
Google decided to build a new Groups interface known as Google Groups
2 or GG2 for short.
Bot network harvesting of e-mail address in plain text via web
Steps Google already take to prevent plain text e-mail disclosure:
Google obscure an e-mail address in message headers via web interface.
Google allow you to view an e-mail address in plain text via word
verification system -only, via the web interface.
Google forgot to add obscurity measures for forwarded messages, and so
an e-mail address is readable via web interface headers, in plain
See here for further info:
How long n3td3v has know about this issue:
Since 2004, when GG2 was launched in beta format.
Because I was hoping this easy to fix issue would be sorted by now,
but its not been, so I issued an advisory last night via the official
GG2 group, to make the GG2 team 100% fully aware of the problem.
#1 n3td3v released cross-site scripting vulnerability for Google
Groups browse thread in December 2004 (This attack targeted the
#2 n3td3v released cross-site scripting vulnerability for Google
Groups pending message December 2005 (This attack targeted owner and
#3 n3td3v released sender e-mail in plain text vulnerability for
Google Groups forwarded message April 2006
(This attack targeted the general public)
I'll see you next time Google!
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/
- Google Groups e-mail disclosure in plain text n3td3v (Apr 18)