Full Disclosure mailing list archives
Enom.com security contact? (Account Hijacking -- Google Apps integrations vulnerable)
From: Kristian Erik Hermansen <kristian.hermansen () gmail com>
Date: Mon, 16 Jun 2014 15:12:04 -0700
Hello! :) Anyone have a security contact at Enom? I believe I have located an arbitrary account hijacking issue that affects all Google Apps domains that utilize Enom for the domain registrar integration. This could potentially be 100,000s of Google Apps / Enom domains. Google Security does not handle issues in third-party integrations, otherwise I would escalate with them. Any contacts you can share would be greatly appreciated, thanks! -- Regards, Kristian Erik Hermansen https://www.linkedin.com/in/kristianhermansen https://google.com/+KristianHermansen _______________________________________________ Sent through the Full Disclosure mailing list http://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Current thread:
- Enom.com security contact? (Account Hijacking -- Google Apps integrations vulnerable) Kristian Erik Hermansen (Jun 16)