Situri "Hacker Safe" vulnerabile XSS

shamat · January 22, 2008

Peste 60 de situri, certificate de serviciul ScanAlert de la McAfee ca fiind Hacker Safe", au fost gasite vulnerabile la atacuri de tip cross-site scripting (XSS).

Printre ele se numara si situl www.scanalert.com .

"More than 60 Web sites certified to be "Hacker Safe" by McAfee's ScanAlert service have been vulnerable to cross-site scripting (XSS) attacks over the past year, including the ScanAlert Web site itself. While the XSS hole in the ScanAlert site and others have been addressed, some apparently have not been, leaving visitors potentially vulnerable to client-side attacks."

Stire preluata de pe informationweek.com

zbeng · January 22, 2008

ceva mai complet cu exemple http://xssed.com/news/55/ScanAlerts_Hacker_Safe_badge_not_so_safe_and_PCI_compliant/

tw8 · January 23, 2008

Certificatul asta e de tot cacatul.

Majoritatea siteurilor certificate "hacker safe" pe care am intrat erau vulnerabile la XSS chiar si la SearchForm :shock:.

moubik · January 23, 2008

Certificatul asta e de tot cacatul.
Majoritatea siteurilor certificate "hacker safe" pe care am intrat erau vulnerabile la XSS chiar si la SearchForm :shock:.

multi oameni cu care incep discutii de hackeri si cum se "sparg" serverele accentueaza doar pe server-ul si sistemul de operare in sine.

deci hacker safe probabil inseamna ca e sub cheie si avea ultima versiune de apache, proftpd, sendmail...

Sign In

Situri "Hacker Safe" vulnerabile XSS

Recommended Posts

shamat

zbeng

tw8

moubik

Join the conversation

Browse

Activity

Pages