Vulnerability allows phishing messages on RapidShare.com

An improper input validation vulnerability discovered recently by M86’s researchers could be used to create phishing messages targeting RapidShare users.

The discovery was made by testing the error message returned by the service when the servers are too busy, and the vulnerability was locate in the “downloaderror” field.

So they tried it out and substituted the original “Too many users downloading from this server right now. Please try again later.” message with the following:

Apart from the error message, they we also able to control other fields such as the file folder and file name.

“This type of improper input validation can help malicious attackers create phishing pages within RapidShare.com,” they explained, but added that the RapidShare Abuse team has fixed the issue after the researchers notified them of its existence.