Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Gmail flaw fixed

Gmail flaw fixed

by Ivana Strahija on November 22nd, 2005 Google has quietly fixed a flaw in its Gmail service that could have allowed attackers to gain complete control of other users' accounts. The bug was reported to the company by Elhacker site.


Elhacker.net has now decided to publish details of the process for exploiting the bug, apparently because Google forgot to say ‘thank you’. -OK, it's a beta version, and they don't have to report anything, the site said in an advisory. -But if they would have recognised it and published a thank you note, this information wouldn't have been published.’

Besides publishing the information on Elhacker, the site said the flaw had been demonstrated to a Spanish IT security magazine. Google minimized the seriousness of the flaw, saying it could only be exploited if a user provided their authentication token to the attacker, usually protected by encryption.

Google spokeswoman Sonya Boralv said: -We have made some modifications to Gmail to help prevent these kinds of issues in the future.’


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »