[38464] in bugtraq
Re: Capital One's website inadvertently assists phishing
daemon@ATHENA.MIT.EDU (Allen Parker)
Wed Apr 20 14:05:36 2005
Message-ID: <9f2790160504191527b9c49bf@mail.gmail.com>
Date: Tue, 19 Apr 2005 14:27:56 -0800
From: Allen Parker <infowolfe@gmail.com>
Reply-To: Allen Parker <infowolfe@gmail.com>
To: bugtraq@securityfocus.com
In-Reply-To: <20050419203215.GA19856@barillari.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
Just tested, seems fixed.
On 4/19/05, Joseph Barillari <bugtraq@barillari.org> wrote:
> Capital One's website has an unchecked redirect. I'm used to seeing
> these exploited by slashdot trolls (e.g., sending people to the goatse
> picture when they think they're going to microsoft.com), but this is
> the first case in which I've seen one at a bank's website.
<snip>
--
________________________________________
To avoid being added to my spam filter:
1. Utilize list replies unless otherwise requested.
2. If you DO send me a personal email, use english.
3. HTML isn't cute. It belongs on the web, not in my inbox.
