Protect your corporate IT network from hackers and other unwanted intruders with Proxy Sentinel™. Click here for all the details and get the peace of mind you deserve.
Back to our Homepage Proxy Sentinel™ high performance Internet proxy server and secure firewall solution Firewall Sentinel™ secure & powerful Internet firewall solution About Internet and GCIS Frequently Asked Questions on Internet security issues Internet Security Industry News - Stay informed of what's happening Contact Internet today and order your Proxy Sentinel™ or Firewall Sentinel™ server now!

Gmail security flaw opens up access to others' emails

Save your company's valuable data with Proxy Sentinel™ from Internet Security. Click here for all the details.

January 13, 2005

Warning: Wrongly formatted email addresses within Google's Gmail have been found to enable access to emails sent by other users on Google's network. A problem with Google's email service, Gmail, let any user query the company's servers for information on the last message sent, two programmers announced on Wednesday.

The programmers, part of a community site dedicated to the Unix-like FreeBSD operating system, found that an improperly formatted address allowed Gmail users to retrieve the message body of the last HTML-formatted email processed by the server.

"The result is a compromise of the privacy of communications over Gmail," the two programmers stated in their write-up of the problem. "Message content and address information are easily -- if somewhat randomly -- available to unintended recipients."

Google acknowledged the problem on Wednesday and said it had been fixed. It is unclear how long the glitch lasted.

The problem became apparent when an email message sent by the programmers left off a ">" from the end of a recipient's address. The result: Google's server sent back seemingly random information that the hackers realised was information from someone else's email message.

Google acknowledged the problem and had fixed it by the end of the day, a source at the company said on Wednesday. Since the problem originated in the application on the company's servers, the fix immediately plugged the leak for all users, the source said.

The search giant has increasingly had to deal with security flaws because its popularity has security researchers looking more closely at the firm's products.

Worms have used Google's search engine to find potentially vulnerable hosts on the Internet, and flaws in the company's desktop search program left computers that ran the software open to attack.

Google's free email service, Gmail, was launched last April and has quickly gained a large following. While the system is technically still in beta, many users have begun to rely on it.

However, because most of Google's services run on the company's own servers rather than on software installed on users' systems, fixes for security problems can be deployed quickly.

Source: ZD Net

Save Internet's URL to the list of your favorite web sites in your Web browser by clicking here.

Become an authorized reseller of Proxy Sentinel™ and Firewall Sentinel™. Do like the rest of our authorized resellers and have your clients benefit the important security features of our products and solutions, while increasing your sales at the same time. Click here for all the details.

Back to the top of the page.         

You can link to the Internet Security web site as much as you like. Read our section on how your company can participate in our reciprocal link exchange program and increase your rankings in the major search engines such as
Google and all the others.

Click here to order your Proxy Sentinel™ Internet security server today!

Proxy Sentinel™ is the most secure Internet proxy server on the market today. Click here for more information.
Site optimized by Pagina+™
Powered by Sun Hosting
Search engine keywords by Rank for Sales
Development platform by My Web Services
Internet is listed in
Global Business Listing

| Home | Proxy Sentinel™ | Firewall Sentinel™ | FAQ | News | Sitemap | Contact |
Copyright © Internet 2003    Terms of use    Privacy agreement    Legal disclaimer