Severe And Unpatched eBay Vulnerability Allows Attackers To Distribute Malware

H

HardOCP News

[H] News
Joined
Dec 31, 1969
Messages
0
You know what the best part about this vulnerability is? eBay stating that they have no plans to fix it. :( The video below shows the malicious code in action.

This vulnerability allows attackers to bypass eBay's code validation and control the vulnerable code remotely, to execute malicious Javascript code on targeted eBay users. If this flaw is left unpatched, eBay users will continue to be exposed to potential phishing attacks and data theft.
 
could be fixed in 10 minutes by banning use of [ or ] in descriptions.
 
Quit using eBay last year due to the ridiculous fees. For how much they take off the top of a sale, there is no reason these types of issues shouldn't be fixed. I am also surprised eBay, Amazon, and other seller sites don't see some kind of government crackdown on this. They all charge the same artificially bloated seller rates for providing minimal service. Seems like the time is right for a better competitor to pop up.
 
frelled said:
Quit using eBay last year due to the ridiculous fees. For how much they take off the top of a sale, there is no reason these types of issues shouldn't be fixed. I am also surprised eBay, Amazon, and other seller sites don't see some kind of government crackdown on this. They all charge the same artificially bloated seller rates for providing minimal service. Seems like the time is right for a better competitor to pop up.
Click to expand...

This, the 10%+ fees on top of paypal fees just does not make sense for the seller.
I question if any business really makes any money through them.
 
frelled said:
Quit using eBay last year due to the ridiculous fees. For how much they take off the top of a sale, there is no reason these types of issues shouldn't be fixed. I am also surprised eBay, Amazon, and other seller sites don't see some kind of government crackdown on this. They all charge the same artificially bloated seller rates for providing minimal service. Seems like the time is right for a better competitor to pop up.
Click to expand...

I haven't sold anything on eBay for a few years. Even before that I had stopped selling a lot of the smaller items, as it just wasn't worth it any more due to the high fees. When you include the time to take the picture, put the ad together, and then box & ship the item, I was making less than minimum wage :(

I have a bunch of stuff piling up at home, but I'll probably just end up donating most of it.
 
Hypergreatthing said:
the video shows some malware distribution for iphones?
I'm totally for that.
Click to expand...

Makes you wonder if this only affects jailbroken iPhones. Afaik that's not even possible to do on a jailed phone (install software from outside sources).
 
frelled said:
Quit using eBay last year due to the ridiculous fees. For how much they take off the top of a sale, there is no reason these types of issues shouldn't be fixed. I am also surprised eBay, Amazon, and other seller sites don't see some kind of government crackdown on this. They all charge the same artificially bloated seller rates for providing minimal service. Seems like the time is right for a better competitor to pop up.
Click to expand...

Why should their be a government crackdown? You are the one that decides to use the service. Just don't use it if you don't like the cost.
 
All this needs is for mainstream media to pick up the story. It'll get fixed quickly when the general public knows about it.
 
frelled said:
Quit using eBay last year due to the ridiculous fees. For how much they take off the top of a sale, there is no reason these types of issues shouldn't be fixed. I am also surprised eBay, Amazon, and other seller sites don't see some kind of government crackdown on this. They all charge the same artificially bloated seller rates for providing minimal service. Seems like the time is right for a better competitor to pop up.
Click to expand...

Start your own auction site then where everyone in America will check first when they think "online auction".

The fact is they can charge high fees because unless you want to go to craigslist where else will you sell with any success?
 
You must log in or register to reply here.
Back
Top