Bugtraq mailing list archives
facebook 'routing flaw'?
From: Michael Scheidell <scheidell () secnap net>
Date: Sat, 16 Jan 2010 07:39:25 -0500
AP Report says it was a 'routing problem'? any idea what they are talking about, do THEY know what they are talking about? Did AT&T mix up the destination ip addresses? did facebook NOT CHECK IP ADDRESS AND COOKIES and disable the session when the ip changed?
<http://www.foxnews.com/scitech/2010/01/16/network-flaw-causes-scary-web-error/>SAN FRANCISCO – A Georgia mother and her two daughters logged onto Facebook from mobile phones last weekend and wound up in a startling place: strangers' accounts with full access to troves of private information.
The glitch — the result of a routing problem at the family's wireless carrier, AT&T — revealed a little known security flaw with far reaching implications for everyone on the Internet, not just Facebook users.
-- Michael Scheidell, CTO Phone: 561-999-5000, x 1259 > *| *SECNAP Network Security Corporation * Certified SNORT Integrator * 2008-9 Hot Company Award Winner, World Executive Alliance * Five-Star Partner Program 2009, VARBusiness * Best Anti-Spam Product 2008, Network Products Guide * King of Spam Filters, SC Magazine 2008 ______________________________________________________________________This email has been scanned and certified safe by SpammerTrap(r). For Information please see http://www.secnap.com/products/spammertrap/ ______________________________________________________________________
Current thread:
- facebook 'routing flaw'? Michael Scheidell (Jan 18)
- Re: facebook 'routing flaw'? Manny Ponce (Jan 19)
- RE: facebook 'routing flaw'? Sacks, Cailan C (Jan 19)
- Re: facebook 'routing flaw'? Suramya Tomar (Jan 19)
- Re: facebook 'routing flaw'? Matthew Leeds (Jan 19)