Image upload forms used to hijack websites

In the past days I came across a stimulating blog post titled “Dissecting a Multistage Web Attack that uses the recent IE7 0day”. The authors described how a vulnerable web application was then able to infect web browsers visiting the infected website. The attackers, who…

Read more

How can any web page log you off all other websites?

A recent post on “Full-Disclosure” mailing list referenced a web page called “Session Destroyer”. This web page is a demonstration by Kristian Erik Hermansen that promises to make logging off various popular websites very easy. How does it work? This static html page simply contains…

Read more

American Express website vulnerable… again!

A few days ago a Cross-site-scripting vulnerability was discovered and reported on the American Express Site. A XSS vulnerability can allow attackers to steal user authentication cookies from americanexpress.com, thus leading to an account hijack. As web-security consultant Joshua D.Abraham said, web developers addressed only…

Read more

Why upgrade PHP to 5.2.8? Part 2

To read part 1 of this article please refer to the previous post. Note: a large number of vulnerabilities described in this post can be exploited to bypass safe_mode. It is not recommended to rely on this PHP functionality for the security of your web…

Read more

What do American Express and Facebook have in common?

Cross Site Scripting seems to be the word of the past few days with high profile sites getting featured on the technology news sites. ZDNet reported how Facebook just fixed four XSS security flaws affecting their developer’s page, the iPhone login page, the new users…

Read more

Why upgrade PHP to 5.2.8? Part 1

Note: PHP 5.2.7 is the actual version that fixes the below security holes. PHP 5.2.8 fixes an issue introduced in 5.2.7. Details from the PHP news site. A new version of the popular scripting language, PHP includes a couple of security fixes (taken from the…

Read more

How XSS can lead to a Windows Domain compromise

Many times internal web applications are excluded from the scrutinity that external ones are subjected to. It is often assumed that attackers are on the external side of the network and therefore do not have access to any internal resources. In turn this usually leads…

Read more

Acunetix WVS Scripting reference available

With Acunetix WVS version 6, Acunetix introduced a Port Scanner and Network Alerts. When scanning a website, a port scan against the web server can be launched (optional) and once open ports are found specific network security tests are launched against the network service running…

Read more