OAuth vulnerabilities, and insane partial disclosure people.

[Dave Aitel <dave.aitel () gmail com>]

http://news.cnet.com/8301-13577_3-10225103-36.html

Apparently OAuth has a vulnerability (which was pretty obvious when
Twitter pulled it down without saying why).  But, in the spirit of
Christmas, they've decided to say there IS a vulnerability, but we're
not going to tell you what it is. Anyone care to guess?

-dave
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave