“IMWAN for all seasons.”



Post new topic Reply to topic  [ 5 posts ] 
Author Message
 Post subject: Paypal System "Flaw" That They've been Aware Of For 18 Months
PostPosted: Tue Nov 25, 2014 4:17 pm 
User avatar
I love Music & hate brickwalled audio

Joined: 27 Sep 2006
Posts: 37646
Location: The Pasture
SANS wrote:
--PayPal Patches Flaw
(November 21, 2014)
PayPal has patched a remote code execution flaw in its web application
and API that was detected 18 months ago.
http://www.theregister.co.uk/2014/11/21/paypal_vuln/


_________________
Putty Cats are God's gift to the universe.


Top
  Profile  
 

IMWAN Mod
 Post subject: Paypal System "Flaw" That They've been Aware Of For 18 Months
PostPosted: Tue Nov 25, 2014 4:37 pm 
User avatar
The Modfather; Wizard of WAN

Joined: 05 Oct 2006
Posts: 56213
Location: Under the Iron Bridge
Bannings: freely handed out
Since they'd have to already have your user account to exploit it, this isn't really a big deal.


Top
  Profile  
 
 Post subject: Paypal System "Flaw" That They've been Aware Of For 18 Months
PostPosted: Tue Nov 25, 2014 11:41 pm 
User avatar
...

Joined: 26 Oct 2006
Posts: 59407
I first read this as 'Papal System Flaw'. :)

_________________
"They'll bite your finger off given a chance" - Junkie Luv (regarding Zebras)


Top
  Profile  
 
 Post subject: Paypal System "Flaw" That They've been Aware Of For 18 Months
PostPosted: Tue Nov 25, 2014 11:45 pm 
User avatar
I love Music & hate brickwalled audio

Joined: 27 Sep 2006
Posts: 37646
Location: The Pasture
That too!

_________________
Putty Cats are God's gift to the universe.


Top
  Profile  
 
 Post subject: Paypal System "Flaw" That They've been Aware Of For 18 Months
PostPosted: Fri Dec 05, 2014 4:54 pm 
User avatar
I love Music & hate brickwalled audio

Joined: 27 Sep 2006
Posts: 37646
Location: The Pasture
Don't know if this is a repeat of my 1st post, or if it wasn't yet fixed then.........

Sans wrote:
--PayPal Fixes Cross-Site Request Forgery Vulnerability
(December 4, 2014)
PayPal has fixed a cross-site request forgery vulnerability that put
every account at risk of being taken over. A successful attack would
have required users to be tricked into clicking on a malicious link.
http://www.theregister.co.uk/2014/12/04 ... ug_bounty/
http://yasserali.com/hacking-paypal-acc ... one-click/

_________________
Putty Cats are God's gift to the universe.


Top
  Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 5 posts ]   



Who is WANline

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  


Powdered by phpBB® Forum Software © phpBB Limited

IMWAN is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide
a means for sites to earn advertising fees by advertising and linking to amazon.com, amazon.ca and amazon.co.uk.