Search Results

Search found 374 results on 15 pages for 'vulnerabilities'.

Page 4/15 | < Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >

  • What to do if you find a vulnerability in a competitor's site?

    - by user17610
    While working on a project for my company, I needed to build functionality that allows users to import/export data to/from our competitor's site. While doing this, I discovered a very serious security exploit that could, in short, perform any script on the competitor's website. My natural feeling is to report the issue to them in the spirit of good-will. Exploiting the issue to gain advantage crossed my mind, but I don't want to go down that path. So my question is, would you report a serious vulnerability to your direct competition, in order to help them? Or would you keep your mouth shut? Is there a better way of going about this, perhaps to gain at least some advantage from the fact that I'm helping them by reporting the issue? Update (Clarification): Thanks for all your feedback so far, I appreciate it. Would your answers change if I were to add that the competition in question is a behemoth in the market (hundreds of employees in several continents), and my company only started a few weeks ago (three employees)? It goes without saying, they most definitely will not remember us, and if anything, only realize that their site needs work (which is why we entered this market in the first place). I confess this is one of those moral vs. business toss-ups, but I appreciate all the advice.

    Read the article

  • Ideas for building vulnerabilities into your site?

    - by Jaco Pretorius
    I'm trying to create a programming challenge that would require developers to hack into the MVC site I create. The idea is obviously to teach them about preventing these types of attacks. The current idea I have is to build multiple vulnerabilities into the site - but the second vulnerability would require the first to be completed, etc. So I was thinking the first could be a sql injection attack, the second would require a modified GET request, etc. Exploiting the final vulnerability would reveal a specific piece of information which is proof that you have completed the entire challenge. This will not be deployed on a public site - it's simply a learning tool for developers at my company. I'm not looking for MVC-specific vulnerabilities - I'm simply using MVC because it allows me to work with the 'raw' HTML. Any ideas on the different vulnerabilities I can use?

    Read the article

  • Automate the process of looking for CVE (new vulnerabilities) related to our infrastructure

    - by skinp
    Is there any service available where you simply list the services, programs and versions you use, and when some CVE comes out about it, you automatically get alerted? Also, is there any other place to look for this kind of information. Do some people release security vulnerabilities to other places than CVE? So in general, how do you guys keep up to date with what might be vulnerable in your infrastructure? Edit: Since I've been asked, we are a Unix shop with mostly Red Hat and some HP-UX. I would still prefer a high level solution which are OS independent. What happens if we use software versions which are not in the official repositories of Red Hat/HP/... or simply not supported by them.

    Read the article

  • Vulnerability research. Is it really research?

    - by Benjamin
    IT security people often say they do "vulnerability research". They defend the idea that they actually are doing some kind of "research". But is searching for vulnerabilities in software real research? A geologist looking for mines in the desert is doing "exploration", not "research".

    Read the article

  • Take Advantage of Oracle's Ongoing Assurance Effort!

    - by eric.maurice
    Hi, this is Eric Maurice again! A few years ago, I posted a blog entry, which discussed the psychology of patching. The point of this blog entry was that a natural tendency existed for systems and database administrators to be reluctant to apply patches, even security patches, because of the fear of "breaking" the system. Unfortunately, this belief in the principle "if it ain't broke, don't fix it!" creates significant risks for organizations. Running systems without applying the proper security patches can greatly compromise the security posture of the organization because the security controls available in the affected system may be compromised as a result of the existence of the unfixed vulnerabilities. As a result, Oracle continues to strongly recommend that customers apply all security fixes as soon as possible. Most recently, I have had a number of conversations with customers who questioned the need to upgrade their highly stable but otherwise unsupported Oracle systems. These customers wanted to know more about the kind of security risks they were exposed to, by running obsolete versions of Oracle software. As per Oracle Support Policies, Critical Patch Updates are produced for currently supported products. In other words, Critical Patch Updates are not created by Oracle for product versions that are no longer covered under the Premier Support or Extended Support phases of the Lifetime Support Policy. One statement used in each Critical Patch Update Advisory is particularly important: "We recommend that customers upgrade to a supported version of Oracle products in order to obtain patches. Unsupported products, releases and versions are not tested for the presence of vulnerabilities addressed by this Critical Patch Update. However, it is likely that earlier versions of affected releases are also affected by these vulnerabilities." The purpose of this warning is to inform Oracle customers that a number of the vulnerabilities fixed in each Critical Patch Update may affect older versions of a specific product line. In other words, each Critical Patch Update provides a number of fixes for currently supported versions of a given product line (this information is listed for each bug in the Risk Matrices of the Critical Patch Update Advisory), but the unsupported versions in the same product line, while they may be affected by the vulnerabilities, will not receive the fixes, and are therefore vulnerable to attacks. The risk assumed by organizations wishing to remain on unsupported versions is amplified by the behavior of malicious hackers, who typically will attempt to, and sometimes succeed in, reverse-engineering the content of vendors' security fixes. As a result, it is not uncommon for exploits to be published soon after Oracle discloses vulnerabilities with the release of a Critical Patch Update or Security Alert. Let's consider now the nature of the vulnerabilities that may exist in obsolete versions of Oracle software. A number of severe vulnerabilities have been fixed by Oracle over the years. While Oracle does not test unsupported products, releases and versions for the presence of vulnerabilities addressed by each Critical Patch Update, it should be assumed that a number of the vulnerabilities fixed with the Critical Patch Update program do exist in unsupported versions (regardless of the product considered). The most severe vulnerabilities fixed in past Critical Patch Updates may result in full compromise of the targeted systems, down to the OS level, by remote and unauthenticated users (these vulnerabilities receive a CVSS Base Score of 10.0) or almost as critically, may result in the compromise of the affected systems (without compromising the underlying OS) by a remote and unauthenticated users (these vulnerabilities receive a CVSS Base Score of 7.5). Such vulnerabilities may result in complete takeover of the targeted machine (for the CVSS 10.0), or may result in allowing the attacker the ability to create a denial of service against the affected system or even hijacking or stealing all the data hosted by the compromised system (for the CVSS 7.5). The bottom line is that organizations should assume the worst case: that the most critical vulnerabilities are present in their unsupported version; therefore, it is Oracle's recommendation that all organizations move to supported systems and apply security patches in a timely fashion. Organizations that currently run supported versions but may be late in their security patch release level can quickly catch up because most Critical Patch Updates are cumulative. With a few exceptions noted in Oracle's Critical Patch Update Advisory, the application of the most recent Critical Patch Update will bring these products to current security patch level and provide the organization with the best possible security posture for their patch level. Furthermore, organizations are encouraged to upgrade to most recent versions as this will greatly improve their security posture. At Oracle, our security fixing policies state that security fixes are produced for the main code line first, and as a result, our products benefit from the mistakes made in previous version(s). Our ongoing assurance effort ensures that we work diligently to fix the vulnerabilities we find, and aim at constantly improving the security posture our products provide by default. Patch sets include numerous in-depth fixes in addition to those delivered through the Critical Patch Update and, in certain instances, important security fixes require major architectural changes that can only be included in new product releases (and cannot be backported through the Critical Patch Update program). For More Information: • Mary Ann Davidson is giving a webcast interview on Oracle Software Security Assurance on February 24th. The registration link for attending this webcast is located at http://event.on24.com/r.htm?e=280304&s=1&k=6A7152F62313CA09F77EBCEEA9B6294F&partnerref=EricMblog • A blog entry discussing Oracle's practices for ensuring the quality of Critical patch Updates can be found at http://blogs.oracle.com/security/2009/07/ensuring_critical_patch_update_quality.html • The blog entry "To patch or not to patch" is located at http://blogs.oracle.com/security/2008/01/to_patch_or_not_to_patch.html • Oracle's Support Policies are located at http://www.oracle.com/us/support/policies/index.html • The Critical Patch Update & Security Alert page is located at http://www.oracle.com/technetwork/topics/security/alerts-086861.html

    Read the article

  • Disable Java Plugin in Google Chrome?

    - by Jeff Atwood
    This is the second time I've had a drive-by executable installed on my machine using the following: Google Chrome 6 (latest) Windows 7, UAC on This happened while I was browsing for images to add to a gaming.se post; one of the sites I visited (to get an image of a transfer cable) must have had drive-by browser exploit code running. UAC alerted me that a weird temporary executable wanted to run, and I declined, but I still got the fake antivirus executable running on my machine. Sigh.. I do have Java installed because I upload stuff monthly to clearbits.net and their uploader is a Java plugin. So my best guess is, websites are doing drive-by installs using the massive numbers of zero-day vulnerabilities in the Java browser plugins. For now, I have uninstalled Java, which works. But I wondered if I could disable the Java plugin in Google Chrome instead. So, how do you disable these vulnerable plugins in Google Chrome? I can't find the UI.

    Read the article

  • Tracking Security Vulnerability remediation

    - by Zypher
    I've been looking into this for a little while, but havn't really found anything suitable. What I am looking for is a system to track security vulnerability remdiation status. Something like "bugzilla for IT" What I am looking for is something pretty simple that allows the following: batch entry of new vulnerabilities that need to be remediated Per user assignment AD/LDAP Authentiation Simple interface to track progress - research, change control status, remediated, etc. Historical search ability Ability to divide by division Ability to store proof of resolution for the Security Team to access Dependency tracking Linux based is best (that's my group :) ) Free is good, but cost doesn't matter so much if the system is worth it The systems doesn't have to have all of these features, but if it did that would be great. yes we could use our helpdesk software, but that has a bunch of pitfalls such as triggering SLA alerts and penalties as well as not easily searchable outside of a group. Most of what I have found are bug tracking systems that are geared towards developers, and are honstely way overkill for what I am looking for. Server Faults input is greatly appreciated as always!

    Read the article

  • Password Cracking Windows Accounts

    - by Kevin
    At work we have laptops with encrypted harddrives. Most developers here (on occasion I have been guilty of it too) leave their laptops in hibernate mode when they take them home at night. Obviously, Windows (i.e. there is a program running in the background which does it for windows) must have a method to unencrypt the data on the drive, or it wouldn't be able to access it. That being said, I always thought that leaving a windows machine on in hibernate mode in a non-secure place (not at work on a lock) is a security threat, because someone could take the machine, leave it running, hack the windows accounts and use it to encrypt the data and steal the information. When I got to thinking about how I would go about breaking into the windows system without restarting it, I couldn't figure out if it was possible. I know it is possible to write a program to crack windows passwords once you have access to the appropriate file(s). But is it possible to execute a program from a locked Windows system that would do this? I don't know of a way to do it, but I am not a Windows expert. If so, is there a way to prevent it? I don't want to expose security vulnerabilities about how to do it, so I would ask that someone wouldn't post the necessary steps in details, but if someone could say something like "Yes, it's possible the USB drive allows arbitrary execution," that would be great! EDIT: The idea being with the encryption is that you can't reboot the system, because once you do, the disk encryption on the system requires a login before being able to start windows. With the machine being in hibernate, the system owner has already bypassed the encryption for the attacker, leaving windows as the only line of defense to protect the data.

    Read the article

  • Testing for security vulnerabilities on web applications

    - by Moak
    A lot of companies use CMS software that updates on the regular, often they are security fixes, implying that the previous version have security vulnerabilities. But most clients never upgrade this, or even the CMS has been modified so that an update would break the site. Are there sites that document these exploits, and instruct how to test for them? Or does this information not even get published? (in order not to have people try to exploit them) Also is there a generic php/js based check list to prevent hack attempts? I know about SQL injections and XSS, but I'm sure that there are more threats out there. Peace

    Read the article

  • Security Alert for CVE-2012-4681 Released

    - by Eric P. Maurice
    Hi, this is Eric Maurice again! Oracle has just released Security Alert CVE-2012-4681 to address 3 distinct but related vulnerabilities and one security-in-depth issue affecting Java running in desktop browsers.  These vulnerabilities are: CVE-2012-4681, CVE-2012-1682, CVE-2012-3136, and CVE-2012-0547.  These vulnerabilities are not applicable to standalone Java desktop applications or Java running on servers, i.e. these vulnerabilities do not affect any Oracle server based software. Vulnerabilities CVE-2012-4681, CVE-2012-1682, and CVE-2012-3136 have each received a CVSS Base Score of 10.0.  This score assumes that the affected users have administrative privileges, as is typical in Windows XP.  Vulnerability CVE-20120-0547 has received a CVSS Base Score of 0.0 because this vulnerability is not directly exploitable in typical user deployments, but Oracle has issued a security-in-depth fix for this issue as it can be used in conjunction with other vulnerabilities to significantly increase the overall impact of a successful exploit. If successfully exploited, these vulnerabilities can provide a malicious attacker the ability to plant discretionary binaries onto the compromised system, e.g. the vulnerabilities can be exploited to install malware, including Trojans, onto the targeted system.  Note that this malware may in some instances be detected by current antivirus signatures upon its installation.  Due to the high severity of these vulnerabilities, Oracle recommends that customers apply this Security Alert as soon as possible.  Furthermore, note that the technical details of these vulnerabilities are widely available on the Internet and Oracle has received external reports that these vulnerabilities are being actively exploited in the wild.    Developers should download the latest release at http://www.oracle.com/technetwork/java/javase/downloads/index.html   Java users should download the latest release of JRE at http://java.com, and of course   Windows users can take advantage of the Java Automatic Update to get the latest release. For more information: The Advisory for Security Alert CVE-2012-4681 is located at http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html  Users can verify that they’re running the most recent version of Java by visiting: http://java.com/en/download/installed.jsp    Instructions on removing older (and less secure) versions of Java can be found at http://java.com/en/download/faq/remove_olderversions.xml   

    Read the article

  • How are clientside security vulnerabilities generally discovered?

    - by Jehjoa
    I mean in operating systems or their applications. The only way I can think of is examine binaries for the use of dangerous functions like strcpy(), and then try to exploit those. Though with compiler improvements like Visual Studio's /GS switch this possibility should mostly be a thing of the past. Or am I mistaken? What other ways do people use to find vulnerabilities? Just load your target in a debugger, then send unexpected input and see what happens? This seems like a long and tedious process. Could anyone recommend some good books or websites on this subject? Thanks in advance.

    Read the article

  • Prevent malicious vulnerability scan increasing load on a server

    - by Simon
    Hi all, this week we have been suffering some malicious vulnerability scans to our servers, increasing the load on them, making them nearly unusable. The attack is easy to defend, just blocking the offending ip, but only after discovering it. Is there any form of prevent it? Is it normal that one server becomes nearly unusable due to one of these scans? These are the requests done in just one second to our server: [Fri Mar 12 19:15:27 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/zope trunk 2 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/8872fcacd7663c040f0149ed49f572e9 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/188201 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/74e118780caa0f5232d6ec393b47ae01 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/87d4b821b2b6b9706ba6c2950c0eaefd [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/138917 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/180377 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/182712 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/compl2s [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/e7ba351f0ab1f32b532ec679ac7d589d [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/184530 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/compl_s [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/55542 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/7b9d5a65aab84640c6414a85cae2c6ff [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/77257 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/157611 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/textwrapping [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/51713 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/elina [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/fd4800093500f7a9cc21bea232658706 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/59719 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/administrationexamples [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/29587 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/bdebc9c4aa95b3651e9b8fd90c015327 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/defaultchangenotetext [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/figments [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/69744 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/fastpixelperfect [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/conchmusicsoundtoolkit [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/settingwindowposition [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/windowresizing [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/84784 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/186114 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/99858 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/131677 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/167783 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/99933 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/3en17ljttc [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/gradientcode [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/pythondevelopmentandnavigationwithspe [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/10546 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/167932 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/smallerrectforspritecollision [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/176292 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/3sumvid-19yroldfuckedby2bigcocks [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/67909 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/175185 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/131319 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/99900 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/act5 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/contributors-agreement [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/128447 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/71052 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/114242 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/69768 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/debuggingwithwinpdbfromwithinspe [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/39360 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/176267 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/143468 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/140202 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/25268 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/82241 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/142920 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/downloadingipythonformswindows [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/34367 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/for_collaborators [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/pydeveclipseextensionsfabio [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/usingpdbinipython [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/142264 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/49003 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/gamelets [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/texturecoordinatearithmetic [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/project_interface [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/143177 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/pydeveclipsefabio [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/91525 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/40426 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/134819 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/usingipythonwithtextpad [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/developingpythoninipython [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/35569 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/objfileloader [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/simpleopengl2dclasses [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/191495 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/3dvilla [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/145368 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/140118 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/87799 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/142320 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/glslexample [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/39826 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/cairopygame [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/191338 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/91819 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/152003 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/gllight [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/40567 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/137877 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/188209 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/84577 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/131017 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/fightnight [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/79781 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/4731669 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/161942 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/160289 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/81594 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/12127 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/164452 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/96823 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/163598 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/159190 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/step-test fsfs+ra_local [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/davros [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/step-publish logs [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/step-cleanup [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/step-test fsfs+ra_svn [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/cdrwin_v3 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/brianpensive [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/x86-openbsd shared gcc [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/roundup-0 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/svcastle [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/56584 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/45934 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/step-build [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/97194 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/cdrwin_3 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/72243 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/117043 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/147084 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/52713 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/101489 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/134867 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/win32-dependencies [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/36548 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/43827 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/100791 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/elita_posing [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/167848 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/36314 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/49951 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/142740 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/cdromkiteletronicaptg [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/138060 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/68483 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/184474 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/137447 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/sndarray [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/127870 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/167312 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/75411 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/167969 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/surfarray [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/174941 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/59129 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/147554 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/105577 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/91734 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/96679 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/06au [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/124495 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/aah [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/164439 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/12638190 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/eliel [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/171164 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/linearinterpolator [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/step-test [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/heading_news [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/87778 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/portlet_64568222 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/graphic_ep [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/132230 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/12251 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/greencheese [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/188966 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/cdsonic [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/171522 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/elitewrap [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/184313 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/188079 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/147511 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/160952 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/132581 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/84885 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/graphic_desktop [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/win32-xp vs2005 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/128548 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/92057 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/65235 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/pyscgi [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/56926 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/svcastle-big [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/138553 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/138232 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/153367 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/42315 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/150012 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/160079 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/win32-xp vc60 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/163482 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/42642 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/174458 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/163109 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/spacer_greys [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/pdf_icon16 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/26346 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/190998 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/fforigins [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/aliens-0 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/step-update faad [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/13376 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/52647 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/155036 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/compl2 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/174323 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/42317 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/tsugumo [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/171850 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/184127 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/48321 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/162545 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/84180 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/135901 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/57817 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/6360574 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/124989 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/113314 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/sprite-tutorial [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/14294 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/191387 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/187294 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/178666 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/179653 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/wingide-users [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/16309095 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/169465 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/189399 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/172392 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/35627 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/2670901 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/177847 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/chimplinebyline [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/87518 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/154595 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/12811780 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/cdmenupro42 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/110131 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/95615 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/18464 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/lwedchoice-1999 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/5099582 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/100968 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/j-emacs [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/0206mathew [Fri Mar 12 19:15:29 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/10844356 Thanks in advance!

    Read the article

  • (200 ok) ACCEPTED - Is this a hacking attempt?

    - by Byran
    I assume this is some type of hacking attempt. I've try to Google it but all I get are sites that look like they have been exploited already. I'm seeing requests to one of my pages that looks like this. /listMessages.asp?page=8&catid=5+%28200+ok%29+ACCEPTED The '(200 ok) ACCEPTED' is what is odd. But it does not appear to do anything. I'm running on IIS 5 and ASP 3.0. Is this "hack" meant for some other type of web server?

    Read the article

  • What's with the accesses to $random_existing_file/cache/df.php?

    - by Bernd Jendrissek
    Occasionally I eyeball Apache's access_log and lately I've been noticing these accesses to URLs that I don't serve. They're correctly 404'ed, but I'd like to know just who and what is involved here. "Obviously" it's some sort of vulnerability probing; I'd like to know which. (Not that it affects me, but I like to know the score.) Here's an example: 69.89.31.206 - - [28/Nov/2012:17:36:34 +0200] "GET /cvfull.pdf/cache/df.php HTTP/1.1" 404 489 "-" "-" Oddly, all 26 attempts are to either /cache/df.php, or to /cvfull.pdf/cache/df.php - they come in pairs. A few weeks ago it was zx.php, now it's df.php - I'm assuming the target is the same. Perhaps I should be flattered that a script is thinking of hiring me. Seriously, my CV is one of only two PDF files on my site, so I can only guess that non-PDF URLs aren't interesting? I've tried Googling for "cache df php", but my Google-fu is weak at the best of times, so I can only find a few reports of other script attacks. What's the vulnerability being scanned for here?

    Read the article

  • A possible case of hacked email account. What kind of an attack is this?

    - by Rickesh John
    I own a Yahoo mail account. I am using this account for sending resumes and receive notifications from various job portals. But yesterday, I found that some 10-15 mails had been sent to random addresses from my account. Most of them had this format: hr@<companyname>.com I am pretty sure that I didn't send any mails to such addresses. Initially, I thought the job portals may be sending mails on my behalf and Yahoo is logging them, but then I saw the contents. The contents of all those mails were a URL, which I did not click. SCARED. Also, to top it off, my "Sending Name" has been changed to 'Nice Maria'!! o_0 I have taken the necessary measures and changed my password and the secret question. I cannot delete this account as this email is registered with all the job portals and other companies. Is this a simple case of my account being compromised or was I a victim of some web vulnerability? All the mails seem to be bot generated, with only a URL as the message body. Please advice.

    Read the article

  • Samba - Is my server vulnerable to CVE-2008-1105?

    - by Joao Heleno
    Hi! I have a CentOS server that is running Samba and I want to verify the vulnerability addressed by CVE-2008-1105. What scenarios can I build in order to run the exploit that is mentioned in http://secunia.com/advisories/cve_reference/CVE-2008-1105/? http://secunia.com/secunia_research/2008-20/advisory/ says that "Successful exploitation allows execution of arbitrary code by tricking a user into connecting to a malicious server (e.g. by clicking an "smb://" link) or by sending specially crafted packets to an "nmbd" server configured as a local or domain master browser." More info: http://www.samba.org/samba/security/CVE-2008-1105.html http://secunia.com/secunia_research/2008-20/advisory/

    Read the article

  • Web Application Vulnerability Scanner suggestions?

    - by Chris_K
    I'm looking for a new tool for the ol' admin toolkit and would value some suggestions. I would like to do some "automated" testing of handful of websites for XSS (cross site scripting) vulns, along with checking for SQL injection opportunities. I realize that an automated tool approach isn't necessarily the only or best solution, but I'm hoping it would give me a nice start. The sites I need to scan cover the range in stacks from PHP / MySQL to Coldfusion, with some classic ASP and ASP.NET mixed in for good measure. What tools would you use to scan for Web application vulns? (Please note I'm focusing on the web apps directly, not the servers themselves).

    Read the article

  • Scanning website for vulnerablities

    - by Kristen
    I have found that the local school's website installed a Perl Calendar - this was years ago, it has not been used for ages, but Google has it indexed (which is how I found it) and it full of Viagra links and the like ... program was by Matt Kruse, here is details of the exploit: http://www.securiteam.com/exploits/5IP040A1QI.html I've got the school to remove that, but I think they also have MySQL installed and I'm aware that out-of-the-box there have been some exploits of Admin Tools / Login in old versions. For all I know they also have PHPBB and the like installed ... The school is just using some cheap, shared hosting; the HTTP response header I get is: Apache/1.3.29 (Unix) (Red-Hat/Linux) Chili!Soft-ASP/3.6.2 mod_ssl/2.8.14 OpenSSL/0.9.6b PHP/4.4.9 FrontPage/5.0.2.2510 I'm looking for some means of checking if they have other junk installed (quite possibly from way back, and now unused) that might put the site at risk. I'm more interested in something that can scan for things like the MySQL Admin exploit rather than open ports etc. My guess is that they have little control over the hosting space that they have - but I'm a Windows DEV, so this *nix stuff is all Greek to me. I found http://www.beyondsecurity.com/ which looks like it might do what I want (within their evaluation :) ) but I have a worry about how to find out if they are well known / honest - otherwise I will be tipping them a wink with a Domain Name that may be at risk! Many thanks.

    Read the article

  • openVAS - Microsoft RDP Server Private Key Information Disclosure Vulnerability - false Alarm?

    - by huebkov
    I performed a openVAS scan on a Windows Server 2008 R2 and got a report for a high threat level vulnerability called Microsoft RDP Server Private Key Information Disclosure Vulnerability. An remote attacker could perform a man-in-the-middle attack to gain access to a RDP session. Affected Software is Microsoft RDP 5.2 and below. My server uses RDP 7.1, is this alarm a false alarm? Security Advisor Pages say: Solution Status Unpatched, No remedy... References http://secunia.com/advisories/15605/ http://xforce.iss.net/xforce/xfdb/21954/ http://www.oxid.it/downloads/rdp-gbu.pdf CVE: CVE-2005-1794 BID:13818

    Read the article

  • Password Cracking Windows Accounts

    - by Kevin
    At work we have laptops with encrypted harddrives. Most developers here (on occasion I have been guilty of it too) leave their laptops in hibernate mode when they take them home at night. Obviously, Windows (i.e. there is a program running in the background which does it for windows) must have a method to unencrypt the data on the drive, or it wouldn't be able to access it. That being said, I always thought that leaving a windows machine on in hibernate mode in a non-secure place (not at work on a lock) is a security threat, because someone could take the machine, leave it running, hack the windows accounts and use it to encrypt the data and steal the information. When I got to thinking about how I would go about breaking into the windows system without restarting it, I couldn't figure out if it was possible. I know it is possible to write a program to crack windows passwords once you have access to the appropriate file(s). But is it possible to execute a program from a locked Windows system that would do this? I don't know of a way to do it, but I am not a Windows expert. If so, is there a way to prevent it? I don't want to expose security vulnerabilities about how to do it, so I would ask that someone wouldn't post the necessary steps in details, but if someone could say something like "Yes, it's possible the USB drive allows arbitrary execution," that would be great! EDIT: The idea being with the encryption is that you can't reboot the system, because once you do, the disk encryption on the system requires a login before being able to start windows. With the machine being in hibernate, the system owner has already bypassed the encryption for the attacker, leaving windows as the only line of defense to protect the data.

    Read the article

  • Does this introduce security vulnerabilities?

    - by mcmt
    I don't think I'm missing anything. Then again I'm kind of a newbie. def GET(self, filename): name = urllib.unquote(filename) full = path.abspath(path.join(STATIC_PATH, filename)) #Make sure request is not tricksy and tries to get out of #the directory, e.g. filename = "../.ssh/id_rsa". GET OUTTA HERE assert full[:len(STATIC_PATH)] == STATIC_PATH, "bad path" return open(full).read()

    Read the article

  • How to avoid open-redirect vulnerability and safely redirect on successful login (HINT: ASP.NET MVC

    - by Brad B.
    Normally, when a site requires that you are logged in before you can access a certain page, you are taken to the login screen and after successfully authenticating yourself, you are redirected back to the originally requested page. This is great for usability - but without careful scrutiny, this feature can easily become an open redirect vulnerability. Sadly, for an example of this vulnerability, look no further than the default LogOn action provided by ASP.NET MVC 2: [HttpPost] public ActionResult LogOn(LogOnModel model, string returnUrl) { if (ModelState.IsValid) { if (MembershipService.ValidateUser(model.UserName, model.Password)) { FormsService.SignIn(model.UserName, model.RememberMe); if (!String.IsNullOrEmpty(returnUrl)) { return Redirect(returnUrl); // open redirect vulnerability HERE } else { return RedirectToAction("Index", "Home"); } } else { ModelState.AddModelError("", "User name or password incorrect..."); } } return View(model); } If a user is successfully authenticated, they are redirected to "returnUrl" (if it was provided via the login form submission). Here is a simple example attack (one of many, actually) that exploits this vulnerability: Attacker, pretending to be victim's bank, sends an email to victim containing a link, like this: http://www.mybank.com/logon?returnUrl=http://www.badsite.com Having been taught to verify the ENTIRE domain name (e.g., google.com = GOOD, google.com.as31x.example.com = BAD), the victim knows the link is OK - there isn't any tricky sub-domain phishing going on. The victim clicks the link, sees their actual familiar banking website and is asked to logon Victim logs on and is subsequently redirected to http://www.badsite.com which is made to look exactly like victim's bank's website, so victim doesn't know he is now on a different site. http://www.badsite.com says something like "We need to update our records - please type in some extremely personal information below: [ssn], [address], [phone number], etc." Victim, still thinking he is on his banking website, falls for the ploy and provides attacker with the information Any ideas on how to maintain this redirect-on-successful-login functionality yet avoid the open-redirect vulnerability? I'm leaning toward the option of splitting the "returnUrl" parameter into controller/action parts and use "RedirectToRouteResult" instead of simply "Redirect". Does this approach open any new vulnerabilities? Side note: I know this open-redirect may not seem to be a big deal compared to the likes of XSS and CSRF, but us developers are the only thing protecting our customers from the bad guys - anything we can do to make the bad guys' job harder is a win in my book. Thanks, Brad

    Read the article

  • Security Alert for CVE-2010-0886 and CVE-2010-0887 Released

    - by eric.maurice
    Hi, this is Eric Maurice again! Oracle just released a Security Alert to announce the availability of fixes for two vulnerabilities (CVE-2010-0886 and CVE-2010-0887) affecting Oracle Java SE and Oracle Java For Business. Both vulnerabilities only affect Java when running in a 32-bit web browser. These vulnerabilities are not present in Java running on servers or standalone Java desktop applications and do not impact any Oracle server based software. The first vulnerability (CVE-2010-0886) affects the Java Deployment Toolkit (version 6 update 10 through 19) on Windows only. The second vulnerability (CVE-2010-0887) affects the Java Plug-in (version 6 update 18 and 19) on Windows, Solaris and Linux. Both vulnerabilities may allow an attacker to run commands on the user's system with the privileges of the user, whose system may have become compromised by visiting a malicious web site. Oracle rated the severity of both vulnerabilities with a CVSS Base Score of 10.0 because many Windows users grant themselves administrative privileges. However, on other platforms, or for Windows users with limited privileges, the CVSS Base Score is only 7.5, because a successful exploitation of these vulnerabilities cannot result in a full compromise of the affected system. Users can quickly determine if they are running vulnerable versions of Java by pointing their browser to http://www.java.com/en/download/help/testvm.xml. Java SE users can visit http://www.java.com and download the most recent release of Java SE to address these vulnerabilities. Because of the criticality of these vulnerabilities, and the publicity they received as a result of their disclosure before the availability of a fix, Oracle recommends that all customers and Java users update their Java installation to the most recent version (6 update 20). For More Information: The advisory for the Security Alert for CVE-2010-0886 and CVE-2010-0887 is located at http://www.oracle.com/technology/deploy/security/alerts/alert-cve-2010-0886.html

    Read the article

  • October 2012 Critical Patch Update and Critical Patch Update for Java SE Released

    - by Eric P. Maurice
    Hi, this is Eric Maurice. Oracle has just released the October 2012 Critical Patch Update and the October 2012 Critical Patch Update for Java SE.  As a reminder, the release of security patches for Java SE continues to be on a different schedule than for other Oracle products due to commitments made to customers prior to the Oracle acquisition of Sun Microsystems.  We do however expect to ultimately bring Java SE in line with the regular Critical Patch Update schedule, thus increasing the frequency of scheduled security releases for Java SE to 4 times a year (as opposed to the current 3 yearly releases).  The schedules for the “normal” Critical Patch Update and the Critical Patch Update for Java SE are posted online on the Critical Patch Updates and Security Alerts page. The October 2012 Critical Patch Update provides a total of 109 new security fixes across a number of product families including: Oracle Database Server, Oracle Fusion Middleware, Oracle E-Business Suite, Supply Chain Products Suite, Oracle PeopleSoft Enterprise, Oracle Customer Relationship Management (CRM), Oracle Industry Applications, Oracle FLEXCUBE, Oracle Sun products suite, Oracle Linux and Virtualization, and Oracle MySQL. Out of these 109 new vulnerabilities, 5 affect Oracle Database Server.  The most severe of these Database vulnerabilities has received a CVSS Base Score of 10.0 on Windows platforms and 7.5 on Linux and Unix platforms.  This vulnerability (CVE-2012-3137) is related to the “Cryptographic flaws in Oracle Database authentication protocol” disclosed at the Ekoparty Conference.  Because of timing considerations (proximity to the release date of the October 2012 Critical Patch Update) and the need to extensively test the fixes for this vulnerability to ensure compatibility across the products stack, the fixes for this vulnerability were not released through a Security Alert, but instead mitigation instructions were provided prior to the release of the fixes in this Critical Patch Update in My Oracle Support Note 1492721.1.  Because of the severity of these vulnerabilities, Oracle recommends that this Critical Patch Update be installed as soon as possible. Another 26 vulnerabilities fixed in this Critical Patch Update affect Oracle Fusion Middleware.  The most severe of these Fusion Middleware vulnerabilities has received a CVSS Base Score of 10.0; it affects Oracle JRockit and is related to Java vulnerabilities fixed in the Critical Patch Update for Java SE.  The Oracle Sun products suite gets 18 new security fixes with this Critical Patch Update.  Note also that Oracle MySQL has received 14 new security fixes; the most severe of these MySQL vulnerabilities has received a CVSS Base Score of 9.0. Today’s Critical Patch Update for Java SE provides 30 new security fixes.  The most severe CVSS Base Score for these Java SE vulnerabilities is 10.0 and this score affects 10 vulnerabilities.  As usual, Oracle reports the most severe CVSS Base Score, and these CVSS 10.0s assume that the user running a Java Applet or Java Web Start application has administrator privileges (as is typical on Windows XP). However, when the user does not run with administrator privileges (as is typical on Solaris and Linux), the corresponding CVSS impact scores for Confidentiality, Integrity, and Availability are "Partial" instead of "Complete", typically lowering the CVSS Base Score to 7.5 denoting that the compromise does not extend to the underlying Operating System.  Also, as is typical in the Critical Patch Update for Java SE, most of the vulnerabilities affect Java and Java FX client deployments only.  Only 2 of the Java SE vulnerabilities fixed in this Critical Patch Update affect client and server deployments of Java SE, and only one affects server deployments of JSSE.  This reflects the fact that Java running on servers operate in a more secure and controlled environment.  As discussed during a number of sessions at JavaOne, Oracle is considering security enhancements for Java in desktop and browser environments.  Finally, note that the Critical Patch Update for Java SE is cumulative, in other words it includes all previously released security fixes, including the fix provided through Security Alert CVE-2012-4681, which was released on August 30, 2012. For More Information: The October 2012 Critical Patch Update advisory is located at http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html The October 2012 Critical Patch Update for Java SE advisory is located at http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html.  An online video about the importance of keeping up with Java releases and the use of the Java auto update is located at http://medianetwork.oracle.com/video/player/1218969104001 More information about Oracle Software Security Assurance is located at http://www.oracle.com/us/support/assurance/index.html  

    Read the article

< Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >