
RE: nasty new url insertion program

Subject: RE: nasty new url insertion program
Date: Tue, 5 Oct 2004 08:46:52 -0500
It is possible that a script on the page is vulnerable to "HTTP response
splitting".  I would suggest googling it, because I don't have any links
handy, but that would allow somebody to poison the cache of a caching server
between him and his site with a fake web page.

I don't quite understand your questions, but it seems to me that that could
be a possibility.  

Hope that helps!

Ron Bowes
Information Protection Centre
Government Of Manitoba

-----Original Message-----
From: Alex Gogan [mailto:alex@fbi.ie] 
Sent: Friday, October 01, 2004 7:21 AM
To: security-basics@securityfocus.com
Subject: nasty new url insertion program

Hi All,

Just a quick note, a client rang me this morning in a panic saying the 
site we developed and hosted was compromised, what was happening was 
every time he made a change on the CMS system to one of the pages, where 
there was a URL field it would (he was unaware) insert 
"http://younghotgirls.net/2504/"; it was only when he was checking the 
pages online did he notice this.

Needless to say I told him to download the spyware and antivirus to try 
and catch this but I must admit I find this troubling.

Has anybody else found or heard of something similar ??

-- 
Alex Gogan
alex@fbi.ie
Future Business Intercommunications
~The Complete Internet Services Company~

http://www.fbi.ie
Communications House
11 Leeson Park Villas, Sallymount Avenue, Ranelagh,
Dublin 6, Ireland

Tel:+353.14988588 | Fax: +353.14988589
Web: www.fbi.ie | Email: alex@fbi.ie
