Gmail exploit may allow attackers to forward e-mail


	Gmail exploit may allow attackers to forward e-mail

Fast T friend

11-24-2008 6:16 AM

327 views

tags:

gmail, security, filters

Fast T friend says:

Check your filters to make sure no un-authorized ones have been added.

1 Comment |

Add a Comment

11-26-2008 5:35 PM

birdie-brain

oh damn. =(

Login to Comment. Not a member yet? Sign up

Today's Top Clips

visit the Top Clips page

View the Top Clips from November 24, 2008

Embed This Clip In Your Site...

<div style="margin: 12px 0px; font-family: arial; color: #333333; background: #ffffff; border: solid 4px #e5e5e5; width: 100%; clear: left;"><div class="CM_CTB_Content_Wrap" style="margin: 0px; padding: 0px;background-color: #ffffff;"><div style="border-bottom: solid 1px #dcdcdc; white-space: nowrap; margin-bottom: 8px; background-color: #eeeeee ;background-image: url(http://clipmarks.com/images/source-bg.gif); background-repeat: repeat-x; height: 24px; line-height: 24px; vertical-align: middle; padding-bottom: 4px; color: #666666; font-size: 10px;" ><a href="http://clipmarks.com/clip-to-blog/" title="see clips that are hot right now"><img src="http://content.clipmarks.com/blog_embed/63d8b702-c577-47ee-8735-4c7a6f861d10/5D03C6EF-7EB2-41B7-A859-0CEC304EA2C2/" alt="" width="19" height="19" border="0" style="vertical-align: middle; margin: 0px 4px; display: inline; border: none; float:none;" /></a>clipped from <a title="http://news.cnet.com/8301-1009_3-10106275-83.html?part=rss&subj=news&tag=2547-1_3-0-20" href="http://news.cnet.com/8301-1009_3-10106275-83.html?part=rss&subj=news&tag=2547-1_3-0-20" style="font-size: 11px;">news.cnet.com</a></div><blockquote style="text-align: left; padding: 0px 8px; margin: 4px 0px 8px 0px; background: transparent; border: none;" cite="http://news.cnet.com/8301-1009_3-10106275-83.html?part=rss&subj=news&tag=2547-1_3-0-20"><P>
A Gmail security vulnerability may allow an attacker to set up filters on users' e-mail accounts without their knowledge, according to a <A href="http://geekcondition.com/2008/11/23/gmail-security-flaw-proof-of-concept/">proof of concept</A> posted Sunday at GeekCondition.com.
</P></blockquote><div style="height: 2px; font-size: 2px; background: #dcdcdc; border-bottom: solid 1px #f5f5f5; margin: 2px 4px;"></div><blockquote style="text-align: left; padding: 0px 8px; margin: 4px 0px 8px 0px; background: transparent; border: none;" cite="http://news.cnet.com/8301-1009_3-10106275-83.html?part=rss&subj=news&tag=2547-1_3-0-20"><P>
In his post, Brandon writes that the vulnerability has caused some people to lose their domain names registered through GoDaddy.com.
</P></blockquote><div style="height: 2px; font-size: 2px; background: #dcdcdc; border-bottom: solid 1px #f5f5f5; margin: 2px 4px;"></div><blockquote style="text-align: left; padding: 0px 8px; margin: 4px 0px 8px 0px; background: transparent; border: none;" cite="http://news.cnet.com/8301-1009_3-10106275-83.html?part=rss&subj=news&tag=2547-1_3-0-20"><BLOCKQUOTE>
When you create a filter in your Gmail account, a request is sent to Google's servers to be processed. The request is made in the form of a url with many variables. For security reasons, your browser doesn't display all the variable contained within the url. Using FireFox and a plugin called Live HTTP Headers, you can see exactly what variables are sent from your browser to Google's servers.
</BLOCKQUOTE></blockquote><div style="height: 2px; font-size: 2px; background: #dcdcdc; border-bottom: solid 1px #f5f5f5; margin: 2px 4px;"></div><blockquote style="text-align: left; padding: 0px 8px; margin: 4px 0px 8px 0px; background: transparent; border: none;" cite="http://news.cnet.com/8301-1009_3-10106275-83.html?part=rss&subj=news&tag=2547-1_3-0-20"><P>
After that, an attacker just needs to identify the variable that is the equivalent of the username.
</P></blockquote><div style="height: 2px; font-size: 2px; background: #dcdcdc; border-bottom: solid 1px #f5f5f5; margin: 2px 4px;"></div><blockquote style="text-align: left; padding: 0px 8px; margin: 4px 0px 8px 0px; background: transparent; border: none;" cite="http://news.cnet.com/8301-1009_3-10106275-83.html?part=rss&subj=news&tag=2547-1_3-0-20"><P>
"Obtaining this variable is tricky but possible," he writes. "I'm not going to tell you how to do it, if you search hard enough online you'll find out how."
</P></blockquote></div><div style="margin: 0px 6px 6px 4px;"><table style="font-size: 11px;border-spacing: 0px;padding: 0px;" cellpadding="0" cellspacing="0" width="100%"><tr><td style="background:transparent;border-width:0px;padding:0px;">&nbsp;</td><td align="right" style="background:transparent;border-width:0px;padding:0px;width:107px" width="107"><a href="http://clipmarks.com/share/5D03C6EF-7EB2-41B7-A859-0CEC304EA2C2/blog/" title="blog or email this clip"><img src="http://content7.clipmarks.com/images/c2b-foot.png" border="0" alt="blog it" width="107" height="17" style="border-width:0px;padding:0px;margin:0px;" /></a></td></tr></table></div></div>

New from the makers of Clipmarks: Amplify.com - Don't just share the news...Amplify it!

Clipmarks: Home; New Clips; Top Clips; Dashboard

Popular Topics: News; Life; Science; Technology; Entertainment

Get Started: Sign Up; Install Clipping Tool; How Clipping Works; Clip-to-Blog™; ClipSearch

Tools and Resources: FAQ; ClipWeek; Top Clippers; Top Tags; Site Map

About Clipmarks: About Us; Contact; Copyright; Privacy; EULA

Search Options

Today's Top Clips