[VIM] site redirects: vulnerability or no?
jericho at attrition.org
Sun Nov 13 07:16:16 EST 2005
Sullo and I have been debating this casually, and the only thing that
hasn't forced our decision is the reports aren't too frequent (yet?).
A site or product offers a script to redirect you to another site. They
are typically found as part of leaving a site in some fashion. Example:
If you obscure the 'arbitrary.moo' by using encoding, IP address, TinyURL
or a number of other methods, you have what looks like a legitimate link
to a site that many people may click on w/o realizing it. This is very
handy and likely widely abused in phishing attacks, which is the reason
some people are disclosing them.
But, is it a *vulnerability*?
If it is, do you see your database assigning a unique ID to each product
that does this (easily hundreds)? Or a sort of generic entry covering the
concept? Or none at all?
More information about the VIM