Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×
Google

+ - Gmail backdoor vulnerability->

Submitted by castrox
castrox (630511) writes "From the article on The Register:

The technique comes courtesy of Petko D. Petkov, a researcher at GNU Citizen, who writes in a blog post that the backdoor is installed simply by luring a victim to a specially crafted website while logged in to Gmail. The naughty site uses a slight of hand known as a multipart/form-data POST, which writes a filter to Gmail that causes all email with attachments to be forwarded to collect@evil.com.
Looks like a nasty "POST injection" from a malicious site you're visiting while logged into Gmail is all it takes to alter your Gmail settings. Apparently, Google is investigating and has no further comments at this time."

Link to Original Source
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Gmail backdoor vulnerability

Comments Filter:

"Text processing has made it possible to right-justify any idea, even one which cannot be justified on any other grounds." -- J. Finnegan, USC.

Working...