[Full-disclosure] Orkut URL Redirection Vulnerability
Olli Haukkovaara
cruzan at gmail.com
Thu Sep 7 18:53:53 BST 2006
Sorry guys, but this particular URL, www.orkut.com , makes us
Finns smile... "Orkut" means in our language "orgasms".
I just had to share this with you, please forgive me, it's
almost friday night ;-)
Regards, Olli
On 9/7/06, Julio Cesar Fort <julio at rfdslabs.com.br> wrote:
>
> > I have found url redirection vulnerability on www.orkut.com.
>
> Man, I don't want to disappoint you but this redirection vulnerability
> is pretty old and has been being used in Brazil for sometime.
> This vulnerability was noticed in the begining of the year, maybe, when
> orkut had changed its authentication scheme. I'm sure orkut was already
> notified by other people but they hadn't patched it yet and the phishing
> keeps going on :)
>
> Sorry about any gramatical errors.
>
> Regards,
> Julio Cesar Fort
> Recife, PE, Brazil
> www.rfdslabs.com.br - computers, sex, human mind, music and more.
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
--
terveisin, Olli
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060907/4d0d710e/attachment.html
Full-Disclosure is hosted and sponsored by Secunia.