Saturday, September 29, 2007

GMail Flaw - Mailbox can be hijacked

Attackers can abuse a vulnerability in Gmail's filtering feature to obtain a user's current and future mail by forwarding all of it to a mailbox of their choosing.
According to Petko Petkov, a web vulnerability researcher, when a user visits a malicious website while still logged into Gmail, a "multipart/form-data POST" is performed against one of Gmail's application programming interfaces, which injects a filter into the user's filter list; the filter then forwards every mail that matches its rule, including mail that arrives in the future. That means even after Google fixes the vulnerability, the mail will keep being forwarded as long as the filter is still there. See Gnucitizen for screenshots and details.
So check your GMail filter list under settings now.
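As an added example (not from the post, and not Google's code), a small audit over the kind of filter list the Gmail API's `users.settings.filters.list` call returns, flagging filters that forward mail and noting whether they also hide the local copy. It assumes each record carries `id`, `criteria` and `action` keys; the sample data is constructed.

```python
"""Flag Gmail filters that forward mail, the persistence mechanism the post describes."""
from typing import Dict, List

# Constructed sample in the shape of a Gmail API filters.list response (assumption).
# The second entry is the pattern described in the post: a broad match, forwarded
# to a foreign address, with the local copy hidden from the inbox.
SAMPLE_FILTERS: List[Dict] = [
    {"id": "f1", "criteria": {"from": "newsletter@example.com"},
     "action": {"addLabelIds": ["Label_1"], "removeLabelIds": ["INBOX"]}},
    {"id": "f2", "criteria": {"hasAttachment": True},
     "action": {"forward": "attacker@example.net",
                "removeLabelIds": ["INBOX"], "addLabelIds": ["TRASH"]}},
    {"id": "f3", "criteria": {"to": "me@example.com"},
     "action": {"addLabelIds": ["STARRED"]}},
]

# Criteria that actually narrow a filter to specific mail; anything else
# (hasAttachment, size, ...) matches a large share of a mailbox.
NARROW_KEYS = ("from", "to", "subject", "query", "negatedQuery")


def audit_filters(filters: List[Dict]) -> List[Dict]:
    """Return one finding per filter that forwards mail somewhere."""
    findings = []
    for f in filters:
        action = f.get("action", {})
        criteria = f.get("criteria", {})
        forward_to = action.get("forward")
        if not forward_to:
            continue  # no forwarding action: not the pattern we are looking for
        # A forwarding filter that also removes INBOX or trashes the message
        # hides the exfiltration from the mailbox owner.
        hides_copy = ("INBOX" in action.get("removeLabelIds", [])
                      or "TRASH" in action.get("addLabelIds", []))
        broad_match = not any(criteria.get(k) for k in NARROW_KEYS)
        findings.append({"id": f.get("id"), "forward_to": forward_to,
                         "hides_copy": hides_copy, "broad_match": broad_match})
    return findings


if __name__ == "__main__":
    for finding in audit_filters(SAMPLE_FILTERS):
        print(finding)
```

Any forwarding address you did not add yourself is the finding to act on; a hidden, broad-match forward is the strongest signal.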