Open Redirect Wreck Off - HITB EZine
Page 1 of 1
Open Redirect Wreck Off - HITB EZine
Web Traffic Forwards
The paper talks about the real time scenarios analyzed while conducting security assessments of different websites.It has been detected that these websites are prone to invalidated redirects and forward issues.Recently,with the release of OWASP 2010 RC1 release,A8 has been marked against the redirection based flaws in websites.The attacker can control the user’s trust behavior to visit the website which is malicious and controlled by the untrusted party.These vulnerabilities can be the result of inefficient development,misconfiguration and other vulnerabilities that lead to injections in the websites.These vulnerabilities have been persisting from a long time but incorporated recently in the top 10 benchmark by the analysis of the damage done.Spammers utilize the open redirect weaknesses in the website to abuse it appropriately for conducting phishing and other stringent attacks.
Download PDF
The paper talks about the real time scenarios analyzed while conducting security assessments of different websites.It has been detected that these websites are prone to invalidated redirects and forward issues.Recently,with the release of OWASP 2010 RC1 release,A8 has been marked against the redirection based flaws in websites.The attacker can control the user’s trust behavior to visit the website which is malicious and controlled by the untrusted party.These vulnerabilities can be the result of inefficient development,misconfiguration and other vulnerabilities that lead to injections in the websites.These vulnerabilities have been persisting from a long time but incorporated recently in the top 10 benchmark by the analysis of the damage done.Spammers utilize the open redirect weaknesses in the website to abuse it appropriately for conducting phishing and other stringent attacks.
Download PDF
andry- Moderator
- Posts : 467
Join date : 2010-05-07
Similar topics
» 10 Successful Steps to Converting Ezine Subscribers to Clients
» Google Wave is Open to All Now!
» AdWords Editor Now an Open Beta
» SEO's Open Web Traffic Flood Gates
» Open Notepad continually in your friend's computer!!!
» Google Wave is Open to All Now!
» AdWords Editor Now an Open Beta
» SEO's Open Web Traffic Flood Gates
» Open Notepad continually in your friend's computer!!!
Page 1 of 1
Permissions in this forum:
You cannot reply to topics in this forum
|
|