Posts filed under 'Virus/Worms'

Trojan in iWork09 - Friday Favourite

Now, this week's favourite just came in. I was scouring my RSS feeds for interesting stuff to post, but nothing really caught my eye. You know, we had the usual 10 million XSS holes, 5 million SQL injections and the odd buffer overflow, but this is not so much an exploit in software as it is an exploit in stupidity.

Most Mac OS X users that I know are the type of people who think that since they switched, they don't need an antivirus. After all, there are no viruses on Mac OS X, right? Yeah, and I suppose their default firewall will protect you against outgoing connections too. Anyhow, back on point: these people are also the type who are willing to “borrow” software. Well, that's great, because if they borrow iWork09 then it's possible they could get a trojan *GASP*:

http://www.informationweek.com/news/hardware/mac/showArticle.jhtml?articleID=212902080&cid=RSSfeed_IWK_ALL

Who would have thought? I guess a trojan isn't technically a virus, but it can be a means for a virus to spread. Well, that's enough on that topic and should give you something to ponder.

January 23rd, 2009

New Media Player critical vulnerabilities

Media player exploits scare the crap out of me. The biggest reason they scare me is that “end users don't think before they click that link” (c) 2008 Web Insecurity. Now, when they get an e-mail that claims to be from their bank, they would never click it, but what happens if the link comes from a co-worker of theirs? Perhaps a peer in the professional industry, perhaps an e-mail from their doctor's office, a friend, or a favourite department store mailing list with the details of a huge competition. Video is a very attractive form of media to end users. Videos always spread around the net and e-mail like wildfire, hence the name viral video. Now what happens when a media player vulnerability is published rather than withheld, like this new one: http://www.securityfocus.com/archive/1/496358? What happens when one of these gets added to Metasploit, or is combined with XSS / XSRF and maliciously linked on social networking sites?
I don't have the answer, but I really don't want to find out.

September 15th, 2008

Web Application Security Advisories / Exploits - SQL Injections

Here is a round-up of the interesting SQL injections that were reported today. If you run any of these, make sure you update. If you don't run any of these then you lucked out this time, but there is still time for more to be reported today.

phsBlog “sql_cid” SQL Injection Vulnerability
http://secunia.com/Advisories/31815/
http://www.phsdev.com/phsblog.php

phsBlog is a well-liked script on Hot Scripts. Too bad they didn't properly sanitize all of their inputs. This one could potentially leave a lot of people with holes in their blog.

PSCRIPT Forum “showprofil.php” SQL Injection Vulnerability
http://secunia.com/Advisories/31872/
http://www.frsirt.com/english/advisories/2008/2559
http://milw0rm.com/exploits/6442
Reported under different names on FrSIRT and Secunia, but essentially the same attack or exploit. This issue is caused by an input validation error in the “showprofil.php” script when the “id” parameter is processed. We all know what happens next with SQL injections. Reported on milw0rm.

vbLOGIX Tutorials SQL Exploit
http://www.frsirt.com/english/advisories/2008/2563
http://secunia.com/Advisories/31829/
Product: http://www.vblogix.com/
There are so many open source “Tutorials” scripts out there that it seems silly to pay for one. vbLOGIX does have one you can pay for, and it just so happens that it now has a SQL injection. The advisory does not disclose what information can be accessed via the SQL injection, but it could be anything: logins and passwords being the most dangerous, manipulation of data being minor (depending on your business).

Ruby on Rails “:limit” and “:offset” SQL Injection Vulnerabilities
http://www.frsirt.com/english/advisories/2008/2562
http://secunia.com/Advisories/31910/
Two vulnerabilities have been identified in Ruby on Rails, which could be exploited by remote attackers to execute arbitrary SQL queries. These issues are caused by input validation errors in ActiveRecord when processing the “:limit” and “:offset” parameters, which could be exploited by malicious people to conduct SQL injection attacks.

WebPortal “aid” Parameter Remote SQL Injection Vulnerability
http://www.frsirt.com/english/advisories/2008/2560
Summary: “download.php” script when processing the “aid” parameter
I don't exactly know why this “WebPortal” is listed as a vulnerability. There is no additional information as to who makes this product. WebPortals are pretty common on the web these days, and I think that this advisory should be more specific. Props to StAkeR for finding it though.

iBoutique “cat” Parameter Remote SQL Injection Vulnerability
http://www.frsirt.com/english/advisories/2008/2561
http://www.netartmedia.net/iboutique/
iBoutique is an online “boutique” store, so naturally this one deserves some attention. This one needs to be updated if you run it.
Vulnerability: A vulnerability has been identified in iBoutique, which could be exploited by attackers to manipulate and inject SQL queries. This issue is caused by an input validation error in the “index.php” script when processing the “cat” parameter while “mod” is set to “products”, which could be exploited by malicious people to conduct SQL injection attacks and gain knowledge of sensitive information.
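Every advisory in this round-up has the same root cause: a numeric request parameter (“id”, “cat”, “aid”, or Rails' :limit and :offset) pasted straight into SQL text. The following is an added illustration of that pattern and of the check that closes it; it is not code from any of the products above nor ActiveRecord's own fix, and the helper names and the products table are hypothetical.

```ruby
# Added example: numeric parameters in SQL, vulnerable vs. validated.
# Helper names and the "products" table are hypothetical.

# Vulnerable pattern: untrusted values interpolated into the SQL string.
# Whatever arrived in the request becomes part of the query text.
def unsafe_products_sql(cat, limit, offset)
  "SELECT * FROM products WHERE cat = #{cat} LIMIT #{limit} OFFSET #{offset}"
end

class BadParameter < ArgumentError; end

# Accept only a non-negative integer in canonical decimal form.
# Anything else (sign, whitespace, letters, SQL punctuation) is rejected
# outright instead of being silently coerced with to_i, which would
# turn "10 anything" into 10 and hide the tampering attempt.
def sanitize_int(value, name)
  return value if value.is_a?(Integer) && value >= 0
  str = value.to_s
  unless str.match?(/\A\d{1,9}\z/)
    raise BadParameter, "#{name} must be a non-negative integer, got #{str.inspect}"
  end
  str.to_i
end

# Hardened version. LIMIT/OFFSET cannot be bound as placeholders in many
# drivers, so they are validated as integers before being inlined; the
# WHERE value is passed separately as a bind so the driver quotes it.
# Returns [sql, binds] as a prepared-statement API expects.
def safe_products_sql(cat, limit, offset)
  lim = sanitize_int(limit, ":limit")
  off = sanitize_int(offset, ":offset")
  sql = "SELECT * FROM products WHERE cat = ? LIMIT #{lim} OFFSET #{off}"
  [sql, [sanitize_int(cat, "cat")]]
end

if __FILE__ == $0
  puts unsafe_products_sql("7", "10 x", "0")   # tampered text reaches SQL
  p safe_products_sql("7", "10", "0")          # validated query plus binds
  begin
    safe_products_sql("7", "10 x", "0")
  rescue BadParameter => e
    puts "rejected: #{e.message}"
  end
end
```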

September 15th, 2008

Japanese Nuclear Secrets Hit the Web

A Japanese nuclear worker accidentally leaked nuclear secrets when his PC became infected by a worm.

July 25th, 2005

Microsoft to Pay Bounty to Sasser Informants

As Sven Jaschan, the nineteen-year-old convicted of writing the Sasser worm, has to spend thirty hours serving the community as punishment for his crimes, those who informed law enforcement are basking in their newly found riches.

July 22nd, 2005
