Google Mail vulnerable to sidejacking despite SSL
February 8th, 2008 Posted/Linked by Shanmuga
"According to security researcher and CEO of Errata Security Robert Graham, Google’s JavaScript code makes HTTP requests in the background via an XMLHttpRequest. By default, these requests are SSL-encrypted—but if SSL fails, they change to nonencrypted mode. When a user attempts to connect to a WiFi hotspot, Google Mail attempts to connect with SSL both enabled and disabled. Even if the attempt fails, session-ID cookies are still transmitted to the router, and can therefore be captured by anyone sitting nearby with an appropriately configured software suite.
Graham himself references Google Mail as an example of this problem, but it’s far from the only site affected, and the https:// alternative it offers is still better than what you can get on other sites. Facebook, MySpace, and Yahoo Mail are all affected by the issue, as are other "Web 2.0" sites." - Content courtesy of Researcher: Google Mail vulnerable to sidejacking despite SSL
If you enjoyed this post, make sure you subscribe to my RSS feed!
This entry was posted on Friday, February 8th, 2008 at 4:41 pm and is filed under Vulnerabilities. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.
