Gmail Cookie Vulnerability
|
09-27-2007, 04:07 PM,
Post: #1
|
|||
|
|||
Gmail Cookie Vulnerability
Quote:Petko Petkov of "ethical hacking" group GNUCitizen has developed a proof-of-concept program to steal contacts and incoming e-mails from Google Gmail users. full article: http://www.news.com/Gmail-cookie-vulnerability-exposes-users-privacy/2100-1002_3-6210353.html?part=rss&tag=2547-1_3-0-20&subj=news
Al draagt een aap een gouden ring, het is en blijft een lelijk ding
|
|||
09-28-2007, 06:14 PM,
Post: #2
|
|||
|
|||
Re: Gmail Cookie Vulnerability
Quote:-if the victim is logged in and clicks on a malicious link. From that moment, the attacker can take over the session cookies for Gmail and subsequently forward all the account's messages to a POP account... I am not sure that I understand this. Does this mean that if you have your gmail acct open in one tab, and you click on a malicious link while browsing using another tab, they can then take over your account and forward the mail? |
|||
09-29-2007, 03:02 AM,
Post: #3
|
|||
|
|||
Re: Gmail Cookie Vulnerability
[quote author=BellisimaJ. link=topic=16521.msg65215#msg65215 date=1191003299]
Quote:-if the victim is logged in and clicks on a malicious link. From that moment, the attacker can take over the session cookies for Gmail and subsequently forward all the account's messages to a POP account... I am not sure that I understand this. Does this mean that if you have your gmail acct open in one tab, and you click on a malicious link while browsing using another tab, they can then take over your account and forward the mail? [/quote] ×Ö¸×Öµ× |
|||
09-29-2007, 11:43 AM,
Post: #4
|
|||
|
|||
Re: Gmail Cookie Vulnerability
Quote:×Ö¸×Öµ× Um, jez................. |
|||
09-29-2007, 06:30 PM,
Post: #5
|
|||
|
|||
Re: Gmail Cookie Vulnerability
[quote author=BellisimaJ. link=topic=16521.msg65215#msg65215 date=1191003299]
Quote:-if the victim is logged in and clicks on a malicious link. From that moment, the attacker can take over the session cookies for Gmail and subsequently forward all the account's messages to a POP account... I am not sure that I understand this. Does this mean that if you have your gmail acct open in one tab, and you click on a malicious link while browsing using another tab, they can then take over your account and forward the mail? [/quote] If you're logged into gmail you're vulnerable if you click on a malicious link in an email or web page. |
|||
09-30-2007, 06:10 PM,
Post: #6
|
|||
|
|||
Re: Gmail Cookie Vulnerability
Thanks Rose. That means I can no longer leave a tab with a gmail account open throughout the day.
|
|||
09-30-2007, 08:16 PM,
Post: #7
|
|||
|
|||
Re: Gmail Cookie Vulnerability
[quote author=BellisimaJ. link=topic=16521.msg65255#msg65255 date=1191175820]
Thanks Rose. That means I can no longer leave a tab with a gmail account open throughout the day. [/quote] I already told you that. I clearly said yes in answer to your question BEFORE Rose swooped in after me to get all the praise and glory. Doesn't anyone around this boinking place understand basic English Hebrew? :twistedevil: |
|||
09-30-2007, 10:35 PM,
Post: #8
|
|||
|
|||
Re: Gmail Cookie Vulnerability
[quote author=jezebel link=topic=16521.msg65256#msg65256 date=1191183402]
[quote author=BellisimaJ. link=topic=16521.msg65255#msg65255 date=1191175820] Thanks Rose. That means I can no longer leave a tab with a gmail account open throughout the day. [/quote] I already told you that. I clearly said yes in answer to your question BEFORE Rose swooped in after me to get all the praise and glory. Doesn't anyone around this boinking place understand basic English Hebrew? :twistedevil: [/quote] Ha! That only very vaguely resembles Hebrew! And even if it were more recognizable, I couldn't friggin' read it, lol!! Two years of Hebrew and I learned very little except for how to make Cantor angry because I talked too much, and not in Hebrew!! |
|||
« Next Oldest | Next Newest »
|
Possibly Related Threads… | |||||
Thread | Author | Replies | Views | Last Post | |
Tons of Gmail Tips | mandy | 1 | 3,915 |
12-27-2007, 11:59 AM Last Post: lukeatme7 |
|
Google GMail increases storage space...but it'll cost you | mandy | 0 | 2,820 |
08-11-2007, 09:52 AM Last Post: mandy |
|
Google Could Face Lawsuit Over Use of Gmail Name | mandy | 4 | 10,456 |
07-05-2007, 10:41 AM Last Post: mandy |
|
Comparison of GMail, Live Hotmail, and Yahoo Mail Services | mandy | 0 | 3,172 |
02-09-2007, 11:13 AM Last Post: mandy |
|
Gmail users at risk of Contact List Hijacking | mandy | 1 | 2,730 |
01-03-2007, 09:35 AM Last Post: mandy |
|
Verizon Bouncing Many GMail Accounts | regic | 2 | 3,378 |
04-25-2006, 09:29 PM Last Post: regic |
|
Gmail Spam! | diger7 | 3 | 3,526 |
02-12-2006, 07:06 AM Last Post: Nat |
|
Google Begins GMail for Domains Beta | mandy | 0 | 2,534 |
02-11-2006, 11:05 AM Last Post: mandy |
|
Google Blends Instant Messaging with Gmail | mandy | 0 | 2,409 |
02-07-2006, 11:32 AM Last Post: mandy |
|
Google Launches Mobile-Friendly Gmail | mandy | 0 | 2,655 |
12-18-2005, 11:17 AM Last Post: mandy |
Users browsing this thread: 1 Guest(s)