GoFuckYourself.com - Adult Webmaster Forum

GoFuckYourself.com - Adult Webmaster Forum (https://gfy.com/index.php)
-   Fucking Around & Business Discussion (https://gfy.com/forumdisplay.php?f=26)
-   -   New Google Desktop Exploit Discovered (https://gfy.com/showthread.php?t=378198)

greentea 10-27-2004 10:55 AM
New Google Desktop Exploit Discovered
 
Another vulnerability in the Google Desktop search application has been discovered, similar but seperate to the ones discovered by Jim Ley and Netcraft. The discovery was made by Salvatore Aranzulla, an Italian journalist. The flaw allows attackers to target users of the Google Desktop application and modify the contents of search pages by injecting scripts located on external servers. Such cross site scripting attacks provide attackers with a means of obtaining information under the guise of a reputable domain.

Aranzulla has published details about the new vulnerability on his web site, where he includes some example exploits (Italian). He claims that inexperienced users may be susceptible to phishing attacks like these, while more experienced users may become suspicious due to the long URLs that are typically involved in exploiting cross site scripting vulnerabilities.

It is not clear whether Aranzulla notified Google before making his discovery public. As we previously reported, Jim Ley experienced difficulties when he tried to notify Google about a similar exploit he discovered more than two years ago. Conversely, a different vulnerability discovered by Netcraft last week, was closed within two days of being reported to Google.




http://mirabilweb.altervista.org/pag...ina=google_bug

marzzo 10-27-2004 08:14 PM
http://www.rootsweb.com/~usgenweb/ok...loflorence.jpg

Important topic - bump.

:glugglug

AndrewKanuck 10-27-2004 08:15 PM
Google desktop search stays off my desktop - easy solution

reynold 10-27-2004 09:30 PM
of course there has to be some catch! :feels-hot :feels-hot

HammerTime33 10-27-2004 09:33 PM
Exploit Discovered? I discovered it when it was mearly an idea, I mean come on WHAT A BAD IDEA !!

You simpoly wont see that shit here, hell I am just getting the nerve up to trust microsucks and SP2.

Vitasoy 10-27-2004 10:00 PM
People who install it, is asking for it

hagbard 10-27-2004 11:09 PM
Installed it. Love it. I limit what it spiders and I believe that its going to be both secure and the best search solution until the new FS comes out from MS in who knows how long (SQL based indexing) I found an email that outlook usually takes 1 minute to find in less than a second. I'm happy. Every OS and most apps have holes. everyone who posted a "i'm staying away" or "born to fail" post has at least one app that is just as bad. guaranteed.


All times are GMT -7. The time now is 10:26 PM.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc123