funsec mailing list archives

Previous By Date Next
Previous By Thread Next

Phishing vulnerability reported at American Express Web site

From: Juha-Matti Laurio <juha-matti.laurio () netti fi>
Date: Tue, 5 Dec 2006 12:15:46 +0200 (EET)
Link to the Italian language blog entry:
http://www.andreagiuliani.com/2006/12/04/vulnerabilita-su-sito-american-express-possibile-attacco-phishing/

Google Translate gives the following result:
"In a serveur of American Express a script resides jsp that it allows redirect to one the external page also to the dominion 
of americanexpress.com. Practically a URL of this type:"

The researcher Andrea Giuliani, 16 years old geek from Italy, has contacted credit card giant about the flaw.

Sample links here:
http://vincenzoampolo.nanofreesoft.org/?p=46

- Juha-Matti
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Previous By Date Next
Previous By Thread Next

Current thread: