shamat Posted January 22, 2008 Report Share Posted January 22, 2008 Peste 60 de situri, certificate de serviciul ScanAlert de la McAfee ca fiind Hacker Safe", au fost gasite vulnerabile la atacuri de tip cross-site scripting (XSS).Printre ele se numara si situl www.scanalert.com ."More than 60 Web sites certified to be "Hacker Safe" by McAfee's ScanAlert service have been vulnerable to cross-site scripting (XSS) attacks over the past year, including the ScanAlert Web site itself. While the XSS hole in the ScanAlert site and others have been addressed, some apparently have not been, leaving visitors potentially vulnerable to client-side attacks."Stire preluata de pe informationweek.com Quote Link to comment Share on other sites More sharing options...
zbeng Posted January 22, 2008 Report Share Posted January 22, 2008 ceva mai complet cu exemple http://xssed.com/news/55/ScanAlerts_Hacker_Safe_badge_not_so_safe_and_PCI_compliant/ Quote Link to comment Share on other sites More sharing options...
tw8 Posted January 23, 2008 Report Share Posted January 23, 2008 Certificatul asta e de tot cacatul.Majoritatea siteurilor certificate "hacker safe" pe care am intrat erau vulnerabile la XSS chiar si la SearchForm :shock:. Quote Link to comment Share on other sites More sharing options...
moubik Posted January 23, 2008 Report Share Posted January 23, 2008 Certificatul asta e de tot cacatul.Majoritatea siteurilor certificate "hacker safe" pe care am intrat erau vulnerabile la XSS chiar si la SearchForm :shock:.multi oameni cu care incep discutii de hackeri si cum se "sparg" serverele accentueaza doar pe server-ul si sistemul de operare in sine. deci hacker safe probabil inseamna ca e sub cheie si avea ultima versiune de apache, proftpd, sendmail... Quote Link to comment Share on other sites More sharing options...
