Looks like a security hole in Ebay's login processing, but I'm not sure how it could send your loging details to the phisher's site. That *might* be why they haven't fixed it, but it's not a hole I'd leave open, anyway.

Wade.