ie8 fix
madison

Zero Day

Ryan Naraine, Emil Protalinski and Dancho Danchev
Home / News & Blogs / Zero Day

Bullseye on Google: Hackers expose holes in GMail, Blogspot, Search Appliance

By | September 25, 2007, 1:06pm PDT

Summary: In the past few days, there have been multiple disclosures of security vulnerabilies in a wide range of Google products, including a persistent e-mail theft issue affecting the widely used GMail service.

Hackers expose holes in GMail, search appliance[ UPDATE, October 1, 2007:  Google has issued a fix for this issue.  It's important that you check your filters to ensure your mailbox isn't compromised ]

Google’s security model is not holding up very well to scrutiny from hackers.

In the past few days, there have been multiple disclosures of security vulnerabilities in a wide range of Google products, including a persistent e-mail theft issue affecting the widely used GMail service.

The unpatched GMail bug, which was demonstrated for me by hacker Petko D. Petkov, is particularly nasty because of the way the exploit works without any user action and the fact that it’s difficult for the average GMail user to know that e-mails are being stolen.

The victim visits a page while being logged into GMail. Upon execution, the page performs a multipart/form-data POST to one of the GMail interfaces and injects a filter into the victim’s filter list. In the example above, the attacker writes a filter, which simply looks for emails with attachments and forward them to an email of their choice. This filter will automatically transfer all emails matching the rule. Keep in mind that future emails will be forwarded as well. The attack will remain present for as long as the victim has the filter within their filter list, even if the initial vulnerability, which was the cause of the injection, is fixed by Google.

The attack technique is known as cross-site request forgery (CSRF) and has haunted Google in the past. Earlier this year, the company was forced to correct a similar flaw after details leaked out on an issue that put GMail contact lists at risk.

Google Search Appliance users at risk:

Hackers expose holes in GMail, search applianceSeparately, a Romanian security researcher has published details of a cross-site scripting bug affecting users of the enterprise-facing Google Search Appliance.

Mustlive, the hacker behind the Month of Search Engine Bugs project, published a proof-of-concept and a Google dork to demo the attack — and expose businesses using the search appliance.

Google (Blogspot) Polls vulnerability

A third issue has been disclosed at Beford.org to show how a cross-site scripting bug in Google’s Blogspot Polls could allow the hijacking of sensitive information.

The ‘font’ parameter was not being sanitized before being used inside an STYLE tag, so you could inject IE’s expression() and Mozilla’s -moz-binding.

Several proof-of-concepts — this one hijacks your Google contacts, this one intercepts incoming GMail — are publicly available. (IMPORTANT NOTE: clicking on those links while logged into Google Accounts might not be such a good idea).

An exploit against Picasa

Google’s Picasa photo-sharing software and Web service is also vulnerable to an exploit scenario that uses a combination of cross-site scripting, cross-application request forgery and URI handler weakness to steal photographs from the victim’s hard drive.

Technical details of the Picasa issue have been released by Billy Rios and Nate McFeters.

Finally, there’s a cross-site scripting bug in Google’s Urchin Analytics service that can be exploited to steal user credentials. An explanation of this vulnerability has been published by Adrian Pastor.

Kick off your day with ZDNet's daily e-mail newsletter. It's the freshest tech news and opinion, served hot. Get it.

More from “Zero Day”

Topics

Google Inc., Google Gmail, Search Appliance, Victim, XSS, Hacker, Attack Technique, E-mail Providers, E-mail, Internet, Online Communications, Ryan Naraine

Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues.

Disclosure

Ryan Naraine

The most important disclosure is of my employment with Kaspersky Lab as a member of the global research and analysis team. Kaspersky Lab is a global company specializing in anti-malware and secure content management technologies. I do not own stocks or other investments in any technology company.

Biography

Ryan Naraine

Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues. He is currently security evangelist at Kaspersky Lab, an anti-malware company with operations around the globe. He is taking a leadership role in developing the company's online community initiative around secure content management technologies.

Prior to joining Kaspersky Lab, Ryan was Editor-at-Large/Security at eWEEK, leading the magazine's and Web site's coverage of Internet and computer security issues and managing the popular SecurityWatch blog, covering the daily threats, vulnerabilities and IT security technologies. He also covered IT security, hacker attacks and secure content management topics for Jupiter Media's internetnetnews.com.

Ryan can be reached at naraine SHIFT 2 gmail.com. For daily updates on Ryan's activities, follow him on Twitter.

46
Comments
Add Your Opinion

Join the conversation!

Just In

Message has been deleted.
XweAponX Updated - 30th May 2008
View in thread
0 Votes
+ -
The more widely something is used
No_Ax_to_Grind 25th Sep 2007
the more likely to become a target of hackers. Good thing not many run Linux.
0 Votes
+ -
Re: Good thing not many run Linux
bka1959 25th Sep 2007
Google Does!!!
0 Votes
+ -
Yeah. It means my Linux
bjbrock 26th Sep 2007
boxes are so much safer than my Windows boxes. Thanks for pointing that out.
0 Votes
+ -
Careful what you wish for
JonWayn 27th Sep 2007
Many of you Linux zealots here often advocate Linux for its safe environment, prodding Windows users to dump Windows for Linux. If No_Axe_2_Grind knows what he is talking about, when he says "Good thing not many ppl use Linux", then that goes to show that it isnt because Linux is better why it safer, it is simply because hackers are not interested in it - because there arent enough users of it to make it thrilling. That said, as soon as we Windows users go along with your prodding, the hackers too are going to prod-along.

Did I say "'We' windows users"?
0 Votes
+ -
No, you are wrong, as the grinder...
Jxn 29th Sep 2007
No, it means your Linux box is safer than your MS Windows box becouse it has safer default values when installed.
It's not becouse there are fewer Linux boxes that are up for hackers (more public web sites run 24/7 on Linux then on MS Windows). I mean, known sites that are possible to look up through DNS and to search for (MSN, Google etc) must be better targets than clients machines that is up 4-8 hours 5-7 times a week, if security between the systems is at same level.
0 Votes
+ -
not necessarily true
catseverywhere@... 26th Sep 2007
Here's a related Tech Republic blog fresh on 9/12/07.

Open source will always be far less vulnerable than proprietary goods. Quick points:

The vast majority of vulnerabilities will be discovered (and near simultaneously fixed) by the white hats.

News and information about problems in the open source world flies fairly fast as it is now, this will only get better as the community grows.

Fixes will come far more swiftly and reliably than from proprietary vendors, articles abound. (and lest we forget Micr0$oft "secret updates:" http://blogs.techrepublic.com.com/tech-news/?p=1189 )

Linux has powerful monitoring, filtering, security etc, and related capabilities. As it is now, the tools are all over the place and are somewhat confusing for the average user. With a growth in Linux deployment, a potentially profitable software niche might finally bring out the emergence of true "all in one" Linux "security center" type apps, heavy on the GUI sauce of course. Swifter security updates and a one-stop place to view/modify any of the vast array of present capabilities, presented comprehensibly such that anybody can see and know everything their box is up to.

That'll make for an even less vulnerable world. I see the idea as to make the white hat side of the community the 800 lb. gorilla sitting on the 'net. Strength in sheer numbers. I do believe it'll happen.

That's my take on the issue, similar to author Chad Perrin, which both seem to dispel the argument that Linux isn't as viri and worm laden because of it's low exposure.

I remind the greater number of servers are Linux, and the internet itself runs at it's core on Unix.
0 Votes
+ -
One - that is opinion about open source...
ItsTheBottomLine 26th Sep 2007
not really proven yet. However, all of the above kind of makes you wonder about - hey I have Google Apps, and my sensitive info is on that...who can see it let alone steal it... I have no idea, but it kind of makes you wonder.
0 Votes
+ -
Hm. Where did google came into OSS?
Jxn 29th Sep 2007
What does Google mail and search has to do with Open Source Software? Other than it's designed in a way that gives problems in any web browser that has google apps users logged in at the same time as other web sites.

They are as secret about there applications as MS Windows (no really, they do releases some parts as OSS, but not the search engine or web mail applications)
0 Votes
+ -
Firefox/NoScript
D T Schmitz 25th Sep 2007
Folks,

Install Firefox and NoScript add-on--it strips out the JavaScript exploits.

Also, don't leave yourself logged into Gmail from your browser--a good email client on your localhost such as KMail will fetch with POP3 and SSL securely and thanks to the excellent Gmail spam filters leave the spam behind.

Never mind what No_Ax says. wink

This isn't a 'Linux' issue.
0 Votes
+ -
Good advice
Chad_z 26th Sep 2007
NoScript is one plugin I would gladly purchase. It stomps on cross-scripting, web bugs, redirects, all kinds of unpleasantness.

One of these days I want to figure out a batch file that will launch my apps at a certain time, collect all my email, and pop a browser with four or five standard windows. I can do all the steps individually, now for the batch file that ties them all together so it's sitting there waiting for me when I get downstairs.

One of the promises of computers was automation. Seems to me much of the automation has been task focused. I want to start focusing on automating user environments. I'd love to walk into the office and find my computer up and ready to go to work. The information I browse routinely already waiting.
0 Votes
+ -
Use gmail basic, skip the bells and whistles.
kraterz 25th Sep 2007
To be really secure, I disable javascript and simply use gmail basic. Most people can live without the bells and whistles such as chat etc within gmail.
0 Votes
+ -
RE: Bullseye on Google: Hackers expose holes in GMail, Blogspot, Search Appliance
naba.hazarika@... 25th Sep 2007
Google should give a closer look on this. They soon have to find ways to counter all these threats and protect users data.
0 Votes
+ -
yep web 2.0 trust the big boys with your data right like ax said
SO.CAL Guy 25th Sep 2007
yep web 2.0 trust the big boys with your data right lie ax said the when something get enough users the vale of security comes crashing down.

and yes goggle uses Linux. all there stuff is built on open source.
0 Votes
+ -
Actually, some of their Google applications are written
Confused by religion 26th Sep 2007
... in Visual Basic and/or Visual Studio.
0 Votes
+ -
nonsense!
dhavleak@... 26th Sep 2007
That's absolute rubbish! Googgle's entire infrastructure is built on non-Microsoft technology. There's no way they are using Visual Studio or VB to create their sites. That's just a shameless attempt on your part to transfer some blame to MS.
0 Votes
+ -
sorry milly you need to get your facts striat they do not use VB or VS you
SO.CAL Guy 26th Sep 2007
sorry milly you need to get your facts striate they do not use VB or VS you need to get off the FUD train
0 Votes
+ -
Are they
Jxn 29th Sep 2007
Some of the desktop applications might, I don't know. But I would be suppriced if their web site applications is.
0 Votes
+ -
Sounds like Google...
bjbrock 26th Sep 2007
needs some new programmers. While Google got lucky with their search page, we're now seeing the true Google. Not much quality here.
0 Votes
+ -
RE: Bullseye on Google: Hackers expose holes in GMail, Blogspot, Search App
dlenoir@... 26th Sep 2007
How much does tabbed browsing impact the first flaw? Does "The victim visits a page while being logged into GMail." mean that the hack would work if e.g. I would log into my GMail account, then browse to an infected site in another tab?
0 Votes
+ -
Have you tried the plugin "Morning Coffee"?
craftsmyn 26th Sep 2007
It's for Firefox - you can set it by day of week to open all of your frequently browsed sites in different tabs - all in one click, so when you open your browser and click - there you are. It's cool.
0 Votes
+ -
RE: Bullseye on Google: Hackers expose holes in GMail, Blogspot, Search App
DrByte 26th Sep 2007
Dammit! I clicked on "this one intercepts incoming GMail" while logged into my GMAIL account.

Put the disclaimer BEFORE dangerous links, thanks very much!

What the hell can I do to ensure something isn't going on in my GMAIL account, now?

SHEESH!!!!
0 Votes
+ -
re
pcguy777 26th Sep 2007
uninstall your toolbars, clear out all your cashed folder from the run line.. temp and %temp%

reinstall toolbar

check gmail settings...

this should only occur if your actually logged into gmail on the effected computer.

so if you were to check your email from lets say a library computer, and if the other infected computer was off.. you couldnt be affected.

either way..

since the settings are cached in the google app, yeah.. like i said, unistall it and reinstall it.

this doesnt appear to be a virus or trojan obviously, so .. it should not be in any other part of your system.
0 Votes
+ -
Thanks
DrByte 26th Sep 2007
ok, I'm using Firefox without the Google Bar installed. I did have "GMAIL This" installed, but uninstalled it...

I checked my GMAIL preferences through the web interface and there are no filters installed.

I installed NoScript.

I should be ok NOW, yes?

I appreciate your time.

I use GOOGLE APPS religiously and have to be logged in to my GMAIL to access all the wonderful features and interact via Chat with my students, etc. So the POP feature is not an option.
0 Votes
+ -
You could use there service without a web browser
Jxn 29th Sep 2007
gTalk is actually Jabber, so any Jabber client (like gajim, http://gajim.org/) would do.

You can read your mail in gmail through POP with any recent mail client (like Thunderbird).

You could run your Google web apps in one instance of a web browser and rest in another (like two different of Firefox, Opera and MS IE) and then you would be safe for this, as long as you don't open other websites in the web browser you have Google in.
That is, Google apps in Firefox and rest in Opera.
(But this cross site problems would still be there for other web apps)
0 Votes
+ -
Don't worry...
Joe.Smetona 26th Sep 2007
It'll be fixed before you know it.
0 Votes
+ -
Yea but...
DrByte 26th Sep 2007
What kind of moron would put a link to a live exploit in a published article.

I thought I was clicking on an explanation of the exploit.

Thanks for nothing RYAN - you just lost a reader...

FYYFF
0 Votes
+ -
re
pcguy777 26th Sep 2007
you have a bit to learn about informing the pub of internet threats..

but thats ok.

i have to pass the A+ and N+ tests this year.
0 Votes
+ -
Why the Gmail attack works, and how Google should fix it
PhilippeV 26th Sep 2007
The main reason causing this attack to work is that, if you are reading emails online in the Gmail web interface, you are connected using the same credentials that also allow you to modify your Gmail preferences regarding filter.

The problem is that Google does not isolate scripts running from the HTML email you are reading online: they run in the context ofyour current Gmail session, with the same privileges as those used to update your Gmail preferences (here the list of automatic forward filters).

The solution is simple for Google: move the webpages that allow you to change your Gmail preferences into a separate domain whose credentials are not the same as those used in the session or reading incoming emails (notably HTML emails).

This means that, for changing your Google preferences, you need a separate logon, and the preferences can't be changed using the same credentials used to read the email: even if the incoming email you're reading contains some javascript, this javascript won't be able to post multipart forms changing your email preferences using the current credentials (your current HTTP session on the Gmail box reading interface is not usable for posting changes of your Google preferences, this will require a separate session, authenticated separately, preferably within a secure HTTPS session rather than the usual unsecured/unencrypted HTTP session used to read the emails online, and that should not permit posting changes, and not even allow performing some commands like pressing the "send to" or "forward to" button present in the same page, without using a separate session to a distinct server for performing the action demanded by the form posted by the button).

The servers (i.e. their domain name acting as the main siolation mechanism between sessions, the isolation being effectively realized by browsers provided that they have correct protection against cross-site scripting between frames or sessions) that do perform changes in your user preferences or effetively process an email that you choose to forward, they should be distinct from the servers serving an incoming email for reading.

It's something that Google can impelment quite simply. The "bad" thing is that Gmail users will not to authenticate separately when reading emails or when sending/forwarding emailsor changing its preferences. The "single logon" scheme should no longer work, or not in the same frame: if you want to forward the email you're reading, the "forward" button could be in a frame separated from the frame where the incoming email you're reading is displayed.

This means that an alternative for Google is to display the incoming emails in your box within a embedded frame, served by a separate server, in an isolated session, so that the "forward" and "send" buttons are not within this emails-rendering frame, but in the containing page that has the necessary credentials. This could be safe, provided that your Internet browser supports frames (in which case you won't need to authenticate multiple times to perform sensitive actions like email forwarding or changes of user preferences).

I think that similar attacks are possible within Microsoft servers implementing single signon with a single authentication to your "Passport" account.

This article should have also discussed more precisely howto clean the injected filters,because they will persist even if Google fixes the issue: this can be made by connecting to your Gmail preference page, and looking at the displayed email filters and forwarding rules: select the filters that you did not create yourself, and delete them.

The report should also say that Gmail users are not vulnerable to this issue if they read their emails offsite, for example by downloading within a POP3 email application, because the email will be rendered within the context of the email application, without the credentials associated to an active online connection to the Gmail web service (which shares the same usable credentials for other Gmail account management that you can perform).

Anyway, Google should be capable of alerting the users that some forwarding rules in their Gmail preferences are probably suspect, and used to forward your incoming emails to known abusers stealing your emails. And by default, it should place these forwards on hold, until the user opts for not delivering this forwards.

One good addition to propose to Google: allow filters to forward messages but by placing them in a separate output folder, that won't be delivered until the user approves the forwarding using secure credentials (separated also from the basic credentials used to render the incoming emails in your online email folders).
0 Votes
+ -
Another immediate fix to apply by Google
PhilippeV 26th Sep 2007
The list of dangerous forwarding rules in your Gmail account preference is known: the email addresses that are specified as the target of the forward can be detected as being abusive and controlled by people stealing your emails, and using the specified target email address to receive them.

In such acase, the target addresses for the forwarding rule should be closed (Google will immediately alert its hosting provider, that the account is under control of an abuser, and can locally disable the forwarding rules that indicate this target address controlled by criminals)

This fix will not be completely fullproof, as long as Google does not implement the isolation of sessions used to render incoming emails with lower privileges (asindicated in my previousmessage), because there may be countless target addresses created dynamically, one for each victim, hosted on many target domains with distinct administrations in many countries and with many hosting ISPs with many different policies for handling abuse reports.

Anyway, this issue is still a problem of cross-site script injection, where any random javascript can beinserted in a maliicious email to inject commands to your Gmail accounts, or to perform any other web transactions in your name (like posting other emails like spam). That's a good enough reason to isolate the emails being rendered, in a way that the HTTP forms can't be submitted without user's explicit consent using its credentials.

One serious problem comes with browsers, that allow you to cache in a permanent store the credentials requested by some site. For the Gmail preferences page, stored credentials should not be allowed (that's why it should be hosted in a HTTPS-secured server by default, such as "https://secure.gmail.com/preferences":

If you want to go tothispage, you haveto logon each time... or you should have at least an explicit modal confirmation page, before performing the change request, and showing the detailed requested changes with a displayed sentence like

"You have just requested to change your Gmail preferences. Do you really wish to confirm the addition, within your Gmail preferences, of the filter allowing to forward emails matching this rule to "criminal@target.isp.exemple.com ? OK / Cancel"). Because this modal dialog will be displayed, you will notice the addition and won't allowit to be added silently without visible confirmation, just because you have read online an incoming malicious email. This will appear as well if you were reading your incoming emails offsite (within a POP3 email agent).
0 Votes
+ -
Did you consider a simpler solution...
Giorgio Maone 26th Sep 2007
... like form keys?
Explained here: http://hackademix.net/2007/09/26/gmail_csrf/#csrf_dev
0 Votes
+ -
Google (or any networked) toolbars no way!
pcguy777 26th Sep 2007
i knew stuff like this would most likely happen.


I dont use any toolbars at all.. except un-networked ones for printing, web dev, etc.
0 Votes
+ -
A question: Firefox's NoScript add-on
goyta 26th Sep 2007
I have a Gmail account, but I rarely use it through the Web interface, pulling the messages by POP3 to my e-mail client instead. However, sometimes I do access it through the Web, and of course I'm worried, even though I'd be unlikely to surf a malicious site, let alone simultaneously with my Gmail access.

I have Firefox's NoScript add-on installed, and it claims to block all cross-site request forgeries. Does anyone know whether this would be really effective to block this exploit? Thanks.
0 Votes
+ -
Yes it does
Giorgio Maone 26th Sep 2007
NoScript does prevent all the vulnerabilities listed in this article from being exploited on Firefox.
See http://hackademix.net/2007/09/26/gmail_csrf/ for details.
0 Votes
+ -
Google Dork?
Wolfie2K3 26th Sep 2007
Ryan,

Er... Exactly what IS a Google Dork...? The link you provide seems to cough up a Google search result with bunch of links in Russian. Now, I don't know everyone on this site, but I'll wager most of us can't read/write in that language let alone speak it.
0 Votes
+ -
Try this one...
Giorgio Maone 26th Sep 2007
http://www.google.com/search?q=inurl%3Axml_no_dtd

Ryan took his directly from MustLive's Ukrainian website, not bothering to "translate it" wink
0 Votes
+ -
Seriously Ryan: Edit your Article!
DrByte 26th Sep 2007
What? The links to the live exploits still precede your warning?
How about an edit?

Here's the analogy: I hand a gun enthusiast a loaded pistol, naturally the gun enthusiast wants to know the action of the gun, its balance, bore, etc. SO, he tosses the gun around like a toy car - all of a sudden BLAMO!

I look at him and say: Oh, by the way, the gun is loaded!
0 Votes
+ -
If...
NDS84 27th Sep 2007
Well if you did hand a gun enthusiast a loaded weapon, first shame on you. Second any enthusiast would check to see if the weapon is ?live?. So let?s maybe find a different analogy. Although I do agree with your point.
0 Votes
+ -
Thanks, you confirmed my analogy
DrByte 27th Sep 2007
Precisely. Shame on him for handing us a loaded gun without a PRIOR warning.

That is why the analogy holds true. I would never hand anybody a loaded gun, much less without a forewarning.

Second: This is the internet, most of us scan articles quickly and react to links in real time (without reading AHEAD). I also trusted ZDNET authors to not embed links to live hazards. Even the private site where he "lifted" the info from was smart enough not to do such a thing.

Thanks for supporting my analogy.

My request is simple. Move the disclaimer to the TOP of the paragraph.
0 Votes
+ -
Contributr
Point taken
Ryan Naraine 27th Sep 2007
Point taken but you should *always* be careful about clicking on *anything*. Even more so if you see the words "exploit" in the neighborhood and you're on a site that covers hacking/attacks/vulnerabilities.

_r
0 Votes
+ -
This explains Bill Gates in Romania
adam7117 26th Sep 2007
"Go after Google," says Bill, "Go my pretties!"
0 Votes
+ -
Another hack I reported weeks ago in translating JP text
_DC_ 27th Sep 2007
There is another major hack I discovered weeks ago. Someone hacked Google Translation, so that if you translate a Japanese webpage or Japanese text using Chinese to English, it spits out a bunch of Islam garbage about Allah, Mosques, Isreal, Moses, and other crap. Go to the Japanese katakana wiki page and translate it using chinese to English, and you'll see all the characters turn up as bullsh*t islam extremist kind of crap.

It only works on translating Japanese texts using Chinese to English translations.
0 Votes
+ -
Message has been deleted.
zeureo1@... Updated - 30th May 2008
0 Votes
+ -
Message has been deleted.
Jxn Updated - 30th May 2008
0 Votes
+ -
Message has been deleted.
XweAponX Updated - 30th May 2008
0 Votes
+ -
What if you use an external Email Client?
XweAponX 29th Sep 2007
Ryan:

Would it be safer to use my external Email client for Gmail?

I really do not care that much if anyone gets into my gmail... I never use it for anything but creating BBS account.

Any serious email goes to my regular email.

The problem of SPAM is beyond just one email service. I get SPAM under Hotmail, under Yahoo mail, under Gmail and under my ISP accounts.

If I were to limit my email activities to just using my email client would that be safer than using the website?

A smartwhois on Google.com reveals these bogus sites:

09/29/07 14:31:50 whois google.com
.com is a domain of USA & International Commercial
Searches for .com can be run at http://www.crsnic.net/

whois -h whois.crsnic.net google.com ...

Whois Server Version 2.0

Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.


GOOGLE.COM.ZZZZZ.GET.LAID.AT.WWW.SWINGINGCOMMUNITY.COM
GOOGLE.COM.ZOMBIED.AND.HACKED.BY.WWW.WEB-HACK.COM
GOOGLE.COM.WORDT.DOOR.VEEL.WHTERS.GEBRUIKT.SERVERTJE.NET
GOOGLE.COM.VN
GOOGLE.COM.UA
GOOGLE.COM.TR
GOOGLE.COM.SUCKS.FIND.CRACKZ.WITH.SEARCH.GULLI.COM
GOOGLE.COM.SPROSIUYANDEKSA.RU
GOOGLE.COM.SERVES.PR0N.FOR.ALLIYAH.NET
GOOGLE.COM.SA
GOOGLE.COM.PLZ.GIVE.A.PR8.TO.AUDIOTRACKER.NET
GOOGLE.COM.MX
GOOGLE.COM.IS.NOT.HOSTED.BY.ACTIVEDOMAINDNS.NET
GOOGLE.COM.IS.HOSTED.ON.PROFITHOSTING.NET
GOOGLE.COM.IS.APPROVED.BY.NUMEA.COM
GOOGLE.COM.HAS.LESS.FREE.PORN.IN.ITS.SEARCH.ENGINE.THAN.SECZY.COM
GOOGLE.COM.DO
GOOGLE.COM.BR
GOOGLE.COM.BEYONDWHOIS.COM
GOOGLE.COM.AU
GOOGLE.COM.ACQUIRED.BY.CALITEC.NET
GOOGLE.COM



>>> Last update of whois database: Sat, 29 Sep 2007 21:31:07 UTC

NOTICE: The expiration date displayed in this record is the date the
registrar's sponsorship of the domain name registration in the registry is
currently set to expire. This date does not necessarily reflect the expiration
date of the domain name registrant's agreement with the sponsoring
registrar. Users may consult the sponsoring registrar's Whois database to
view the registrar's reported date of expiration for this registration.
0 Votes
+ -
RE: Bullseye on Google: Hackers expose holes in GMail, Blogspot, Search Appliance
badesign@... 29th Sep 2007
The link... http://www.cyber-knowledge.net/blog/2007/01/01/gmail-vulnerable-to-contact-list-hijacking/...doesn't seem to work (for me at least. Can someone point me in the right direction with this? Thanks

Join the conversation!

Formatting +
BB Codes - Note: HTML is not supported in forums
  • [b] Bold [/b]
  • [i] Italic [/i]
  • [u] Underline [/u]
  • [s] Strikethrough [/s]
  • [q] "Quote" [/q]
  • [ol][*] 1. Ordered List [/ol]
  • [ul][*] · Unordered List [/ul]
  • [pre] Preformat [/pre]
  • [quote] "Blockquote" [/quote]
ie8 fix
Click Here
ie8 fix

The best of ZDNet, delivered

ZDNet Newsletters

Get the best of ZDNet delivered straight to your inbox

Facebook Activity

Blog Roll

Blog Archive

White Papers, Webcasts, & Resources
ie8 fix
ie8 fix