Dailydave mailing list archives
OAuth vulnerabilities, and insane partial disclosure people.
From: Dave Aitel <dave.aitel () gmail com>
Date: Wed, 22 Apr 2009 18:20:13 -0400
http://news.cnet.com/8301-13577_3-10225103-36.html Apparently OAuth has a vulnerability (which was pretty obvious when Twitter pulled it down without saying why). But, in the spirit of Christmas, they've decided to say there IS a vulnerability, but we're not going to tell you what it is. Anyone care to guess? -dave _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- OAuth vulnerabilities, and insane partial disclosure people. Dave Aitel (Apr 22)
- Re: OAuth vulnerabilities, and insane partial disclosure people. Michael Eddington (Apr 22)
- Re: OAuth vulnerabilities, and insane partial disclosure people. Matthieu Suiche (Apr 23)
- Re: OAuth vulnerabilities, and insane partial disclosure people. Nate Lawson (Apr 24)
- Re: OAuth vulnerabilities, and insane partial disclosure people. Matthieu Suiche (Apr 23)
- Re: OAuth vulnerabilities, and insane partial disclosure people. Michael Eddington (Apr 22)