Sorry guys, but this particular URL, <a href="http://www.orkut.com">www.orkut.com</a> , makes us<br>Finns smile... "Orkut" means in our language "orgasms".<br>I just had to share this with you, please forgive me, it's
<br>almost friday night ;-)<br><br>Regards, Olli<br><br><div><span class="gmail_quote">On 9/7/06, <b class="gmail_sendername">Julio Cesar Fort</b> <<a href="mailto:julio@rfdslabs.com.br">julio@rfdslabs.com.br</a>> wrote:
</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">> I have found url redirection vulnerability on <a href="http://www.orkut.com">www.orkut.com
</a>.<br><br>Man, I don't want to disappoint you but this redirection vulnerability<br>is pretty old and has been being used in Brazil for sometime.<br>This vulnerability was noticed in the begining of the year, maybe, when
<br>orkut had changed its authentication scheme. I'm sure orkut was already<br>notified by other people but they hadn't patched it yet and the phishing<br>keeps going on :)<br><br>Sorry about any gramatical errors.<br><br>
Regards,<br>Julio Cesar Fort<br>Recife, PE, Brazil<br><a href="http://www.rfdslabs.com.br">www.rfdslabs.com.br</a> - computers, sex, human mind, music and more.<br><br>_______________________________________________<br>Full-Disclosure - We believe in it.
<br>Charter: <a href="http://lists.grok.org.uk/full-disclosure-charter.html">http://lists.grok.org.uk/full-disclosure-charter.html</a><br>Hosted and sponsored by Secunia - <a href="http://secunia.com/">http://secunia.com/
</a><br></blockquote></div><br><br clear="all"><br>-- <br>terveisin, Olli