PROGAME Posted November 24, 2008 Share Posted November 24, 2008 cnet Reports: A Gmail security vulnerability may allow an attacker to set up filters on users' e-mail accounts without their knowledge, according to a proof of concept posted Sunday at the blog Geek Condition. In a post, Geek Condition's "Brandon" writes that the vulnerability has caused some people to lose their domain names registered through GoDaddy.com. Googles response: "We're trying to reach the blogger making this claim for more details, but we haven't seen evidence that this would be specific to Gmail," the representative said. "We use standard industry methods for protecting cookies, similar to most Web services using HTTP. In fact, we offer additional protection by offering the option of a secure connection (HTTPS) throughout the session for free." Source: http://news.cnet.com/8301-1009_3-10106275-83.html watch your cookie jar! :p Link to comment Share on other sites More sharing options...
rpgfan Posted November 25, 2008 Share Posted November 25, 2008 I swear that I've seen this before... Did they not fix the issue originally, or is this a different attack method that does the same thing? For the record, if you're concerned about this always use HTTPS. The option is available in the Settings. Link to comment Share on other sites More sharing options...
primexx Posted November 25, 2008 Share Posted November 25, 2008 shouldn't they be POSTing stuff like this?? Link to comment Share on other sites More sharing options...
Recommended Posts