Google OpenID Covert Redirect Vulnerability (漏洞)
Google’s OpenID system is susceptible to Attacks. More specifically, the authentication of parameter “&openid.return_to” in OpenID system is insufficient. It can be misused to design Open Redirect Attacks to Google. It increases the likelihood of successful Open Redirect Attacks to third-party websites, too.
more here on Google....http://www.tetraph.com/blog/2014/05/google-openid-covert-redirect-vulnerability-%E6%BC%8F%E6%B4%9E/
Linkedin OAuth 2.0 Covert Redirect Vulnerability (漏洞)
Linkedin’s OAuth 2.0 system is susceptible to Attacks. More specifically, the authentication of parameter “&redirct_uri” in OAuth 2.0 system is insufficient. It can be misused to design Open Redirect Attacks to Linkedin. It increases the likelihood of successful Open Redirect Attacks to third-party websites, too.
read more on Linkedin here.......http://www.tetraph.com/blog/2014/05/linkedin-oauth-2-0-covert-redirect-vulnerability-%E6%BC%8F%E6%B4%9E/
eBay Covert Redirect Vulnerability Based on Googleads.g.doubleclick.net (eBay 漏洞 基于 Googleads)
he vulnerability occurs at “ebay.com/rover” page with “&mpre” parameter, i.e.
http://rover.ebay.com/rover/1/711-67261-24966-0/2?mtid=691&kwid=1&crlp=1_263602&itemid=370825182102&mpre=http://www.google.com
The vulnerability can be attacked without user login. My tests were performed on Firefox (26.0) in Ubuntu (12.04) and IE (9.0.15) in Windows 7.
more on eBay here....http://www.tetraph.com/blog/2014/05/ebay-covert-redirect-vulnerability-based-googleads-g-doubleclick-net-ebay-%E6%BC%8F%E6%B4%9E-%E5%9F%BA%E4%BA%8E-googleads/
Amazon Covert Redirect Vulnerability Based on Facebook (亚马逊 漏洞 基于 脸书)
The vulnerability exists at “redirect.html?” page with “&location” parameter, e.g. http://www.amazon.com/gp/redirect.html?_encoding=UTF8&location=http%3A%2F%2Fwww.facebook.com%2Fl.php%3Fu%3Dhttp%253A%252F%252Fwww.google.com%26h%3D7AQFwCeYDAQEZsz_cx9BJKCE5Af7KKocYw4jOlGk5TB5kZg&token=6BD0FB927CC51E76FF446584B1040F70EA7E88E1 The vulnerability can be attacked without user login. My tests were performed on Firefox (26.0) in Ubuntu (12.04) and IE (9.0.15) in Windows 7.
more here on Amazon......http://www.tetraph.com/blog/2014/05/amazon-covert-redirect-vulnerability-based-facebook-%E4%BA%9A%E9%A9%AC%E9%80%8A-%E6%BC%8F%E6%B4%9E-%E5%9F%BA%E4%BA%8E-%E8%84%B8%E4%B9%A6/
Godaddy Covert Redirect Vulnerability Based on Google
The vulnerability exists at “redirect.aspx?” page with “&target” parameter, i.e. http://img.godaddy.com/redirect.aspx?ci=1161&target=https%3A%2F%2Fwww.google.com The vulnerability can be attacked without user login. My tests were performed on Firefox (26.0) in Ubuntu (12.04) and IE (9.0.15) in Windows 7.
more here on Godaddy....http://www.tetraph.com/blog/2014/05/godaddy-covert-redirect-vulnerability-based-google/
Nytimes Covert Redirect Vulnerability Based on Google Doubleclick
The vulnerability exists at “adx_click.html?” page with “&goto” parameter, i.e. http://www.nytimes.com/adx/bin/adx_click.html?type=goto&opzn&page=www.nytimes.com/pages/nyregion/index.html&pos=SFMiddle&sn2=8dfce1f6/9926f9b3&sn1=bbba504f/c0de9221&camp=CouplesResorts_1918341&ad=NYRegionSF_Feb_300x250-B5732328.10663001&goto=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fddm%2Fclk%2F279541164%3B106630011%3Bs%3Fhttp%3A%2F%2Ffacebook%2Ecom%2Fall%2Dinclusive%2Ephp%3Futm%5Fsource%3Dnyt%26utm%5Fmedium%3Ddisplay%26utm%5Fcontent%3Dclicktracker%26utm%5Fcampaign%3D300x250%5FExpectMore%5FNYT%5FNYRegion The vulnerability can be attacked without user login. My tests were performed on Firefox (26.0) in Ubuntu (12.04) and IE (9.0.15) in Windows 7.
more here on NYtimes.....http://www.tetraph.com/blog/2014/05/nytimes-covert-redirect-vulnerability-based-google-doubleclick/
Google’s OpenID system is susceptible to Attacks. More specifically, the authentication of parameter “&openid.return_to” in OpenID system is insufficient. It can be misused to design Open Redirect Attacks to Google. It increases the likelihood of successful Open Redirect Attacks to third-party websites, too.
more here on Google....http://www.tetraph.com/blog/2014/05/google-openid-covert-redirect-vulnerability-%E6%BC%8F%E6%B4%9E/
Linkedin OAuth 2.0 Covert Redirect Vulnerability (漏洞)
Linkedin’s OAuth 2.0 system is susceptible to Attacks. More specifically, the authentication of parameter “&redirct_uri” in OAuth 2.0 system is insufficient. It can be misused to design Open Redirect Attacks to Linkedin. It increases the likelihood of successful Open Redirect Attacks to third-party websites, too.
read more on Linkedin here.......http://www.tetraph.com/blog/2014/05/linkedin-oauth-2-0-covert-redirect-vulnerability-%E6%BC%8F%E6%B4%9E/
eBay Covert Redirect Vulnerability Based on Googleads.g.doubleclick.net (eBay 漏洞 基于 Googleads)
he vulnerability occurs at “ebay.com/rover” page with “&mpre” parameter, i.e.
http://rover.ebay.com/rover/1/711-67261-24966-0/2?mtid=691&kwid=1&crlp=1_263602&itemid=370825182102&mpre=http://www.google.com
The vulnerability can be attacked without user login. My tests were performed on Firefox (26.0) in Ubuntu (12.04) and IE (9.0.15) in Windows 7.
more on eBay here....http://www.tetraph.com/blog/2014/05/ebay-covert-redirect-vulnerability-based-googleads-g-doubleclick-net-ebay-%E6%BC%8F%E6%B4%9E-%E5%9F%BA%E4%BA%8E-googleads/
Amazon Covert Redirect Vulnerability Based on Facebook (亚马逊 漏洞 基于 脸书)
The vulnerability exists at “redirect.html?” page with “&location” parameter, e.g. http://www.amazon.com/gp/redirect.html?_encoding=UTF8&location=http%3A%2F%2Fwww.facebook.com%2Fl.php%3Fu%3Dhttp%253A%252F%252Fwww.google.com%26h%3D7AQFwCeYDAQEZsz_cx9BJKCE5Af7KKocYw4jOlGk5TB5kZg&token=6BD0FB927CC51E76FF446584B1040F70EA7E88E1 The vulnerability can be attacked without user login. My tests were performed on Firefox (26.0) in Ubuntu (12.04) and IE (9.0.15) in Windows 7.
more here on Amazon......http://www.tetraph.com/blog/2014/05/amazon-covert-redirect-vulnerability-based-facebook-%E4%BA%9A%E9%A9%AC%E9%80%8A-%E6%BC%8F%E6%B4%9E-%E5%9F%BA%E4%BA%8E-%E8%84%B8%E4%B9%A6/
Godaddy Covert Redirect Vulnerability Based on Google
The vulnerability exists at “redirect.aspx?” page with “&target” parameter, i.e. http://img.godaddy.com/redirect.aspx?ci=1161&target=https%3A%2F%2Fwww.google.com The vulnerability can be attacked without user login. My tests were performed on Firefox (26.0) in Ubuntu (12.04) and IE (9.0.15) in Windows 7.
more here on Godaddy....http://www.tetraph.com/blog/2014/05/godaddy-covert-redirect-vulnerability-based-google/
Nytimes Covert Redirect Vulnerability Based on Google Doubleclick
The vulnerability exists at “adx_click.html?” page with “&goto” parameter, i.e. http://www.nytimes.com/adx/bin/adx_click.html?type=goto&opzn&page=www.nytimes.com/pages/nyregion/index.html&pos=SFMiddle&sn2=8dfce1f6/9926f9b3&sn1=bbba504f/c0de9221&camp=CouplesResorts_1918341&ad=NYRegionSF_Feb_300x250-B5732328.10663001&goto=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fddm%2Fclk%2F279541164%3B106630011%3Bs%3Fhttp%3A%2F%2Ffacebook%2Ecom%2Fall%2Dinclusive%2Ephp%3Futm%5Fsource%3Dnyt%26utm%5Fmedium%3Ddisplay%26utm%5Fcontent%3Dclicktracker%26utm%5Fcampaign%3D300x250%5FExpectMore%5FNYT%5FNYRegion The vulnerability can be attacked without user login. My tests were performed on Firefox (26.0) in Ubuntu (12.04) and IE (9.0.15) in Windows 7.
more here on NYtimes.....http://www.tetraph.com/blog/2014/05/nytimes-covert-redirect-vulnerability-based-google-doubleclick/