[prev in list] [next in list] [prev in thread] [next in thread] 

List:       full-disclosure
Subject:    Re: [Full-Disclosure] Slashdot: Gmail Accounts Vulnerable to XSS Exploit
From:       n3td3v <xploitable () gmail ! com>
Date:       2004-10-31 13:13:42
Message-ID: 4b6ee931041031051324ecbe1e () mail ! gmail ! com
[Download RAW message or body]

On Sun, 31 Oct 2004 03:05:09 -0500, Nancy Kramer
<nekramer@mindtheater.net> wrote:
> Google is very secretive about everything.  Don't expect them to share
> information.
> 
> Regards,
> 
> Nancy Kramer
> Webmaster http://www.americandreamcars.com
> Free Color Picture Ads for Collector Cars
> One of the Ten Best Places To Buy or Sell a Collector Car on the Web

Fair enough google may not want to release the technical detail of the
vulnerability, but remember its not just google that have it.

Third parties, security research groups, the news website, and the
hacker and probably a bunch of his friends.

A leak by a third party is bound to come sooner or later I suspect. :-)

Thanks,

n3td3v

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
[prev in list] [next in list] [prev in thread] [next in thread]