funsec mailing list archives
MySpace plugging photo peephole
From: Juha-Matti Laurio <juha-matti.laurio () netti fi>
Date: Mon, 10 Nov 2008 23:40:10 +0200 (EET)
"MySpace was working to plug a hole on Tuesday that allows anyone to view members' private photos without being friends with them. The vulnerability, reported to CNET News by Canadian computer technician Byron Ng, was easy to exploit by plugging a member's ID number into a specific MySpace URL. However, someone would have to know which URL to use to be able to see the private photos." --clip-- More at http://news.cnet.com/8301-1009_3-10082538-83.html?tag=mncol It appears that Mr. Ng is a man behind similar Facebook vulnerability too: http://www.msnbc.msn.com/id/23785561/ Juha-Matti _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- MySpace plugging photo peephole Juha-Matti Laurio (Nov 10)