CastleCops, Internet Crime Fighters
CastleCops®: Security Hole


Tons of sites having XSS vulnerabilities reported!
Security Hole
immortality writes "

There's a new report out by a company which shows that there might be thousands of sites which have weak sanitation policies. The report details how conesfree.com seems to have injected scripts via the search functionality on these sites to direct users to their content. This is a classic XSS/CSS attack; the surprising thing is the scale. Also, pretty well known sites are listed in the report.

A short and interesting read :-)

"
Posted by Ikeb  on Wednesday, 11 June 2008 @ 04:50:27 UTC (876 reads)
(comments? | Score: 0)

Mac hacked in 2 minutes; Vista on 3rd day; Linux undefeated.
Security Hole
happyandyk writes "

After Mac was hacked in 2 minutes at the CanSecWest Conference, it was now the time for Vista to get hacked on the 3rd day. Windows Vista security was compromised through the popular 3rd party Adobe Flash Software.

The MacBook Air went first; a Fujitsu laptop running Vista was hacked on the last day of the contest; but it was Linux, running on a Sony Vaio, that remained undefeated as conference organizers ended a three-way computer hacking challenge Friday at the CanSecWest conference.

Source : WinVistaClub
"
Posted by Ikeb  on Monday, 31 March 2008 @ 13:14:25 UTC (1443 reads)
(comments? | Score: 0)

Barracuda Spam Firewall contains hardcoded default login credentials
Security Hole
Overview

Barracuda Spam Firewalls from version 3.3.01.001 to 3.3.02.053 have default login credentials that can not be modified by an administrator.

I. Description

Barracuda Spam Firewall appliances provide ingress and egress spam filtering for local area networks. An administrator will typically log into the device by supplying credentials to a secure web-interface.

Barracuda Spam Firewalls version 3.3.01.001 to 3.3.02.053 have a guest account with a fixed username and password. This account can log in to the web interface and can not be restricted by the system's built-in access control lists.
Posted by mrrockford  on Monday, 04 September 2006 @ 13:52:04 UTC (1820 reads)
(Read More... | 927 bytes more | comments? | Score: 0)

Sun Security Bulletin : Java Plug-in and Java Web Start
Security Hole
mowgreen writes "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102557-1

Sun Alert ID: 102557 (RESOLVED)
Synopsis: Java Plug-in and Java Web Start May Allow Applets and Applications to Run With Unpatched JRE
Product: Java 2 Platform, Standard Edition
Category: Security

1. Impact

The Java Plug-in and Java Web Start both allow applets and applications to specify the version of the Java Runtime Environment (JRE) to run with. However, the versions of Java Web Start and the Java Plug-in listed in Section 2 below may allow applets or applications to run with a specified version of the JRE that does not have the latest security fixes.
"
Posted by Paul  on Friday, 01 September 2006 @ 20:23:42 UTC (1744 reads)
(Read More... | 2762 bytes more | 2 comments | Score: 4)

Beware!: Zero Day Windows Media File Exploits
Security Hole
Corrine writes "One of the biggest security issues facing users today is the Microsoft Windows Media File Exploits. Predictions are being made that Microsoft will prioritize and patch this vulnerability quickly. It is my fervent hope this is true. Otherwise, those of us who spend a considerable amount of our free time helping at Castle Cops and other security forums are going to be working overtime.

The Windows Picture and Fax Viewer is used to view Windows Meta Files (WMF) and is reported as being vulnerable. Note that this is the default viewer used by Internet Explorer and some versions of Firefox for WMF files.

Even users of Google Desktop are susceptible to this exploit. See http://www.f-secure.com/weblog/archives/archive-122005.html#00000753

Current reports state that the attack vector being used is embedded malicious images on web pages hosted at unionseek[DOT]com. This vulnerability could equally be exploited through the delivery of a malicious email.

There is additional information available at the following URLs:"

Note: Sunbelt's workaround is excellent, hats off and thumbs up. However, note that the WMF exploit can occur under any graphical extension (jpg, gif) so please be sure to follow step numbers one in de-registering the SHIMGVW.DLL file and two until a patch is generated by Microsoft.
Posted by Paul  on Wednesday, 28 December 2005 @ 21:43:21 UTC (2909 reads)
(Read More... | 3397 bytes more | 1 comment | Beware! | Score: 1.87)