Full Disclosure mailing list archives
Re: GMail logout (not sure if you could call it a vulnerability)
From: Nico Golde <nion () gmx net>
Date: Tue, 22 Jun 2004 13:37:55 +0200
Hallo QoDS, * QoDS ec <QoDSec () gmail com> [2004-06-22 13:22]:
for example consider the following invite link: http://gmail.google.com/gmail/a-da020f8475-a200b150b3 if you change it to the following: http://gmail.google.com/gmail/a-da020f8435-a200b150b3 ^^^^^^^^^^^^^ Any of the following digits could change you will be automatically logged out and as it seems you will have the login name of the email of the person who did the invitation. Not sure if there is anything evil you could do about it but just a minor bug that should be fixed.
and the login at this point doesnt works correctly. ia am not able to login at this stage. is it only my problem? regards nico -- Nico Golde - 310777820@ICQ nico () ngolde de | nion () gmx net | http://www.ngolde.de GPG: FF46 E565 5CC1 E2E5 3F69 C739 1D87 E549 7364 7CFF Is there life after /sbin/halt -p?
Attachment:
_bin
Description:
Current thread:
- GMail logout (not sure if you could call it a vulnerability) QoDS ec (Jun 21)
- Re: GMail logout (not sure if you could call it a vulnerability) Nico Golde (Jun 22)
- Re: GMail logout (not sure if you could call it a vulnerability) Nico Golde (Jun 22)
- Re: GMail logout (not sure if you could call it a vulnerability) Nico Golde (Jun 23)