Research

Tuesday, January 18, 2005

Google plugs brace of GMail security flaws, The Register, 17 Jan 2005

“A flaw in Froogle, Google's price-comparison service, created a means for attackers to swipe cookies used to access GMail accounts. Israeli hacker Nir Goldshlager demonstrated how users fooled into executing script by clicking a link pointed at Froogle could be redirected to a site that steals usernames and passwords for the "Google Accounts" centralised log-in service. Google has fixed the vulnerability, preventing further theft. But Goldshlager warns that data from already stolen cookies can still be used even if the password of compromised accounts is changed.�

Full story at http://www.theregister.co.uk/2005/01/17/google_security_bugs/

0 Comments:

Post a Comment

<< Home