Re: Orkut URL Redirection Vulnerability

[cardoso <cardosolistas () contraditorium com>]

Well, so now TWO countries care about orkut stuff, Brazil and Finland ;)

I think its creator, Orkut Büyükkökten, had a hell of a childhood, with
such name.



On Thu, 7 Sep 2006 20:53:53 +0300
"Olli Haukkovaara" <cruzan () gmail com> wrote:

> Sorry guys, but this particular URL, www.orkut.com , makes us
> Finns smile... "Orkut" means in our language "orgasms".
> I just had to share this with you, please forgive me, it's
> almost friday night ;-)
>
> Regards, Olli
>
> On 9/7/06, Julio Cesar Fort <julio () rfdslabs com br> wrote:
> > > I have found url redirection vulnerability on www.orkut.com.
> >
> > Man, I don't want to disappoint you but this redirection vulnerability
> > is pretty old and has been being used in Brazil for sometime.
> > This vulnerability was noticed in the begining of the year, maybe, when
> > orkut had changed its authentication scheme. I'm sure orkut was already
> > notified by other people but they hadn't patched it yet and the phishing
> > keeps going on :)
> >
> > Sorry about any gramatical errors.
> >
> > Regards,
> > Julio Cesar Fort
> > Recife, PE, Brazil
> > www.rfdslabs.com.br - computers, sex, human mind, music and more.
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
>
>
>
> -- 
> terveisin, Olli

-------------------------------------------------------------
Carlos Cardoso - "Blogueiro Inconformado^
http://www.carloscardoso.com <== sacanagem
http://www.contraditorium.com <== ProBlogging e cultura digital

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/