Linked by Thom Holwerda on Tue 28th Jun 2011 22:16 UTC
Apple With all the news about Anonymous, LulzSec, Anti-Sec, and so on, you'd almost forget there are more ethical hacking groups out there as well. One such group, YGN Ethical Hacker Group, informed Apple of several weaknesses in its developers website on April 25. Apple acknowledged the flaws, but so far, hasn't done anything about them. YGN Ethical Hacker Group has now stated they will fully disclose the vulnerabilities if Apple doesn't fix them in the coming few days.
Permalink for comment 479185
To read all comments associated with this story, please click here.
RE: What is gained?
by Bill Shooter of Bul on Wed 29th Jun 2011 23:51 UTC in reply to "What is gained?"
Bill Shooter of Bul
Member since:
2006-07-14

I'm afraid I don't think I understand what you are talking about. Its not quite clear.

I think you are questioning if an arbitrary redirect is a real vulnerability. Is that right?

Well, take a look at this and see if it changes your mind:

https://www.owasp.org/index.php/Top_10_2010-A10

Its true that not every vulnerability will or even can lead to an exploit, but its a better idea to just fix the potential problems than waiting for someone to successfully be scammed. But make no mistake this is a vulnerability that can and will be exploited if it is not fixed.

Edited 2011-06-29 23:53 UTC

Reply Parent Score: 2