[VIM] site redirects: vulnerability or no?

security curmudgeon jericho at attrition.org
Sun Nov 13 07:16:16 EST 2005

Sullo and I have been debating this casually, and the only thing that 
hasn't forced our decision is the reports aren't too frequent (yet?).

A site or product offers a script to redirect you to another site. They 
are typically found as part of leaving a site in some fashion. Example:


If you obscure the 'arbitrary.moo' by using encoding, IP address, TinyURL 
or a number of other methods, you have what looks like a legitimate link 
to a site that many people may click on w/o realizing it. This is very 
handy and likely widely abused in phishing attacks, which is the reason 
some people are disclosing them.

But, is it a *vulnerability*?

If it is, do you see your database assigning a unique ID to each product 
that does this (easily hundreds)? Or a sort of generic entry covering the 
concept? Or none at all?

More information about the VIM mailing list