
Gmail exploit may let attackers forward email

Steven Musil CNET News

Published: 24 Nov 2008 12:51 GMT


A security vulnerability in Gmail may allow attackers to set up filters on users' email accounts without their knowledge, according to a proof-of-concept exploit posted on the Geek Condition website on Sunday.

The post states that the vulnerability has already cost some people domain names registered through GoDaddy.com; a filter that silently forwards a victim's email would deliver the registrar's account-recovery messages to the attacker.

The post explains that the exploit relies on obtaining the variables that represent the username and 'at': "When you create a filter in your Gmail account, a request is sent to Google's servers to be processed. The request is made in the form of a url with many variables. For security reasons, your browser doesn't display all the variables contained within the url. Using Firefox and a plug-in called 'Live HTTP Headers', you can see exactly what variables are sent from your browser to Google's servers."

After that, an attacker just needs to identify the variable that is the equivalent of the username.

"Obtaining this variable is tricky but possible," the post states. "I'm not going to tell you how to do it; if you search hard enough online, you'll find out how."


The 'at' variable can be obtained by luring the user to a malicious website, the post states. Because a leaked token stays valid for as long as the session does, the post suggests that Google make the 'at' variable expire after every request rather than after every session.

To avoid falling victim to the vulnerability, users should check their filters often, the post suggests. Firefox users can install an extension called 'NoScript' that helps prevent these attacks.

Any website that relies only on cookies to authenticate requests can be taken advantage of in the same way, because the browser attaches the user's cookies to a request whether it was triggered by the site's own page or by a third-party one; this is the pattern known as cross-site request forgery (CSRF). To avoid becoming a victim of this type of exploit, Gmail users should log out of their accounts when they are not in use, and not visit websites that they don't trust.
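The following is an added example, not code from the Geek Condition post or from Google, that simulates the filter-creation request described above and the three authentication policies the article contrasts: cookie only, a per-session 'at' token, and a per-request 'at' token. The session store, the parameter names (`from`, `forward_to`, `SID`) and the request shapes are all constructed for this illustration and are not Gmail's.

```python
"""
Simulated filter-creation endpoint: why cookie-only authentication can be
forged from a third-party page, and how a per-session versus per-request
'at' token changes what a leaked token is worth to an attacker.
All names, stores and request shapes are constructed for this example.
"""
import secrets
from dataclasses import dataclass, field

COOKIE_ONLY, SESSION_TOKEN, PER_REQUEST_TOKEN = "cookie", "session", "request"


@dataclass
class Session:
    user: str
    at: str = field(default_factory=lambda: secrets.token_hex(8))
    filters: list = field(default_factory=list)


@dataclass
class Request:
    """What the server sees: cookies the browser attached plus query params."""
    cookies: dict
    params: dict


class FilterService:
    def __init__(self, policy):
        self.policy = policy
        self.sessions = {}  # hypothetical SID cookie value -> Session

    def login(self, user):
        sid = secrets.token_hex(8)
        self.sessions[sid] = Session(user)
        return sid

    def current_at(self, sid):
        """Token the legitimate filter page embeds in its own form."""
        return self.sessions[sid].at

    def create_filter(self, req):
        sess = self.sessions.get(req.cookies.get("SID"))
        if sess is None:
            return "401 no session"
        if self.policy != COOKIE_ONLY:
            # Constant-time compare of the submitted 'at' against the session's
            if not secrets.compare_digest(req.params.get("at", ""), sess.at):
                return "403 bad at"
            if self.policy == PER_REQUEST_TOKEN:
                sess.at = secrets.token_hex(8)  # rotate: each token is one-use
        sess.filters.append((req.params["from"], req.params["forward_to"]))
        return "200 filter added"


def cross_site_request(sid, at=None):
    """Request a malicious page makes the victim's browser send.

    The browser attaches the SID cookie on its own; the attacker controls
    only the query string and can supply 'at' only if it has leaked.
    """
    params = {"from": "noreply@registrar.example",
              "forward_to": "attacker@evil.example"}
    if at is not None:
        params["at"] = at
    return Request(cookies={"SID": sid}, params=params)


def run_attack(policy, token_leaked):
    """Victim logs in, then visits a page that fires the forged request twice.

    Returns the two server responses and how many filters were installed.
    """
    svc = FilterService(policy)
    sid = svc.login("victim")
    leaked = svc.current_at(sid) if token_leaked else None
    results = [svc.create_filter(cross_site_request(sid, leaked)) for _ in range(2)]
    return results, len(svc.sessions[sid].filters)


if __name__ == "__main__":
    for policy, leaked in [(COOKIE_ONLY, False), (SESSION_TOKEN, False),
                           (SESSION_TOKEN, True), (PER_REQUEST_TOKEN, True)]:
        print(f"{policy:8s} leaked={leaked!s:5s} -> {run_attack(policy, leaked)}")
```

With cookie-only authentication the forged request succeeds without the attacker knowing anything but the victim is logged in. A per-session token stops a blind forgery, but once that token has leaked it works for the rest of the session; rotating the token on every request, as the post recommends, limits a leaked token to a single use.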

Google representatives did not immediately return a request for comment.

Credit: Gmail exploit may allow attackers to forward e-mail from CNET News
