Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×
Google

+ - Gmail backdoor vulnerability->

Submitted by castrox
castrox (630511) writes "From the article on The Register:

The technique comes courtesy of Petko D. Petkov, a researcher at GNU Citizen, who writes in a blog post that the backdoor is installed simply by luring a victim to a specially crafted website while logged in to Gmail. The naughty site uses a slight of hand known as a multipart/form-data POST, which writes a filter to Gmail that causes all email with attachments to be forwarded to collect@evil.com.
Looks like a nasty "POST injection" from a malicious site you're visiting while logged into Gmail is all it takes to alter your Gmail settings. Apparently, Google is investigating and has no further comments at this time."

Link to Original Source
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Gmail backdoor vulnerability

Comments Filter:

"Necessity is the mother of invention" is a silly proverb. "Necessity is the mother of futile dodges" is much nearer the truth. -- Alfred North Whitehead

Working...