Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Enom.com security contact? (Account Hijacking -- Google Apps integrations vulnerable)

From: Kristian Erik Hermansen <kristian.hermansen () gmail com>
Date: Mon, 16 Jun 2014 15:12:04 -0700
Hello! :)

Anyone have a security contact at Enom? I believe I have located an
arbitrary account hijacking issue that affects all Google Apps domains
that utilize Enom for the domain registrar integration. This could
potentially be 100,000s of Google Apps / Enom domains. Google Security
does not handle issues in third-party integrations, otherwise I would
escalate with them.

Any contacts you can share would be greatly appreciated, thanks!
-- 
Regards,

Kristian Erik Hermansen
https://www.linkedin.com/in/kristianhermansen
https://google.com/+KristianHermansen

_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
Previous By Date Next
Previous By Thread Next

Current thread: