Gmail hacked?

By Yohann CIURLIK September 27, 2007, 17:00

I just read an alarming article on Clubic ! lock.thumbnail Gmail piraté ?

According to them:

This vulnerability allows a malicious attacker to get access to the account of a user by bringing it to navigate a page infected. Exploitation of this vulnerability depends on the method of Cross-Site Request Forgeries.

Like other online services, Gmail leaves open the session to a user after he has consulted with its messages so that it does not have to re-enter their credentials if he decides to go visit his inbox. The identifiers are then stored in what is called a "cookie".

It's a british researcher, Petko Petkov, who have discovered a flaw.

So a good advice: Always close the session after reading your email on a webmail (or do not use webmail).

Did you enjoy this article? Subscribe to the blog via email or RSS, you will automatically receive the new notes!
3
Imprimer Print Tags: , ,
Articles related:

3


A
www.blogmemes.fr September 27, 2007 at 17:04

GMail hacked? ...

- Do you like this article? Vote for him on Blogmemes.fr! This vulnerability allows a malicious attacker to get access to the account of a user by bringing it to navigate a page infected. The exploration ...


2
bluegger.com September 27, 2007 at 17:12

Gmail hacked? ...

This vulnerability allows a malicious attacker to get access to the account of a user by bringing it to navigate a page infected. Exploitation of this vulnerability depends on the method of Cross-Site R ...


3
Jerr September 28, 2007 at 9:16

Scary, especially since the same account is used for all google services (adsense, ...)

Leave a comment

Your comment

inicio