[8739] in bugtraq
ValueClick
daemon@ATHENA.MIT.EDU (Ellen (ValueClick))
Sat Dec 19 20:57:51 1998
Date: Sat, 19 Dec 1998 19:57:20 -0500
Reply-To: Bugtraq List <BUGTRAQ@NETSPACE.ORG>
From: "Ellen (ValueClick)" <ellen@VALUECLICK.COM>
X-To: philip@EINET.BG
To: BUGTRAQ@NETSPACE.ORG
Hi,
Please allow me to introduce myself. My name is Ellen O'Rourke and I am
Host Member Manager for ValueClick.
I would like to refer to the letter you wrote BUGTRAQ@NETSPACE.ORG
regarding "ValueClcik vernerability."
Let me explain:
If the user decides to go to another site after they
are logged in, either via a bookmark or typing in
a url, the referring url will be blank. If we had
a link to the outside, the referring url would
contain the logged in user's username and password.
The links that we do have to the outside, such
as on the exclude banners page where a user
can click on a banner to view the advertiser's
site, have the referring url stripped off to
protect the host's login info.
If you have evidence that contradicts this, we would very much appreciate
your advising us.
We appreciate your interest in ValueClick.
---------------------------------------------------------
Ellen O'Rourke
Member Site Manager ellen@valueclick.com
ValueClick
The pay-for-results advertising network!
ValueClick Banner Ad Network http://www.valueclick.com
---------------------------------------------------------
