Today found this great post, here is a quick excerpt :
oDesk Time Tracker does not verify the SSL certificate of the host it connects to thus becoming vulnerable to various Man-in-the-Middle attacks (if an attacker is able to spoof DNS for team.odesk.com — say, by setting up a fake DHCP and …
Read the rest of this great post Here
February 17, 2010
oDesk Time Tracker Vulnerabilities « Безопасность « Ars Longa …
No Comments »
No comments yet.
RSS feed for comments on this post.