- Jun 05 Thu 2008 14:11
-
轉貼[YouTube]SQL漏洞chna
- Jun 03 Tue 2008 15:43
-
[CLXP_Blog]三種方法解決IIS6.0目錄檢查漏洞
作者:楚林 日期:2008-05-18
本文來自死性不改的博客 http://www.clxp.net.cn 轉載請保留此申明!
一 、 Windows 2003 Enterprise Edition IIS6 目錄檢查漏洞的描述
1、Windows 2003 Enterprise Edition是微軟目前主流的服務器操作系統。 Windows 2003 IIS6 存在著文件解析路徑的漏洞,當文件夾名為類似hack.ASP的時候(即文件夾名看起來像一個ASP文件的文件名),此時此文件夾下的任何類型的文件都可以在IIS中被當做ASP程序來執行。這樣黑客即可上傳擴展名為.jpg或.gif之類的看起來像是圖片文件的木馬文件,通過訪問這個文件即可運行木馬。
本文來自死性不改的博客 http://www.clxp.net.cn 轉載請保留此申明!
一 、 Windows 2003 Enterprise Edition IIS6 目錄檢查漏洞的描述
1、Windows 2003 Enterprise Edition是微軟目前主流的服務器操作系統。 Windows 2003 IIS6 存在著文件解析路徑的漏洞,當文件夾名為類似hack.ASP的時候(即文件夾名看起來像一個ASP文件的文件名),此時此文件夾下的任何類型的文件都可以在IIS中被當做ASP程序來執行。這樣黑客即可上傳擴展名為.jpg或.gif之類的看起來像是圖片文件的木馬文件,通過訪問這個文件即可運行木馬。
- Jun 03 Tue 2008 15:23
-
整理免費的個人安全軟體
- May 27 Tue 2008 13:34
-
[YAM_NEWS]中國病毒中心提醒:謹防木馬"驅動殺手"新變種來襲
鉅亨網╱鉅亨網查淑妝‧台北綜合報導 2008-05-26 11:30
中國國家計算機病毒應急處理中心通過對互聯網的監測發現,近期出現一個木馬「驅動殺手」的新變種 A(trojan-Driver.A),提醒廣大電腦用戶小心謹防。
新華網報導,專家說,該變種會用惡意驅動程序文件替換受感染計算機係統驅動目錄下的原有驅動程序文件,並將該惡意驅動程序注冊為係統服務,使電腦系統中的防病毒軟件無法正常使用,進而躲避防病毒軟體的查殺。
該變種還會最終將惡意驅動程序文件刪除,並在受感染電腦系統的動態連接庫緩存目錄下復製一個被該惡意驅動程序替換掉的原系統驅動文件。
- May 23 Fri 2008 09:45
-
[賽迪網]SQL注入式除攻擊數據庫外還威脅系統安全
發佈時間:2008.05.23 04:44 來源:7747.Net 作者:air
近來的SQL注入攻擊顯示,採用SQL注入的多級攻擊可以提供對操作系統的交互式GUI(圖形用戶界面)訪問。
一位歐洲的研究人員發現,SQL注入並不僅僅是為了攻擊數據庫和網頁,這場影響範圍巨大的攻擊風暴也可以作為進入操作系統的墊腳石。
Portcullis計算機安全的高級滲透測試人員Alberto Revelli星期二在倫敦的EUSecWest大會上演示了一種多級攻擊,它採用可以從根本上給攻擊者對底層操作系統進行交互GUI方式的訪問。
Revelli 也被人們稱為「icesurfer」,他指出,當今的數據庫管理系統都有一些工具和功能組件,可以直接與操作系統及網絡聯接。他說,「這意味著如果我可以通過一次SQL注入攻擊一個Web應用程序,我就不只侷限於存儲在數據庫中的數據,而且我還可以設法獲得對DBMS(數據庫管理系統)所在的主機的交互式訪問。」
- May 22 Thu 2008 12:51
-
[SANS] Three Cisco advisories released today
Published: 2008-05-21,
Last Updated: 2008-05-21 20:14:36 UTC
by George Bakos (Version: 1)
Cisco has released three advisories this week, two that cover DOS vulnerabilities in IOS SSH and the Secure Control Engine (SCE) and one privilege escalation in Cisco Voice Portal (CVP).
While the "Exploitation and Public Announcements" portion of all three advisories states that the vulns were discovered in-house, it's a pretty safe bet that a fair number of security "researchers" are feverishly reverse engineering the updates to develop exploits for private use and/or public release.
Last Updated: 2008-05-21 20:14:36 UTC
by George Bakos (Version: 1)
Cisco has released three advisories this week, two that cover DOS vulnerabilities in IOS SSH and the Secure Control Engine (SCE) and one privilege escalation in Cisco Voice Portal (CVP).
While the "Exploitation and Public Announcements" portion of all three advisories states that the vulns were discovered in-house, it's a pretty safe bet that a fair number of security "researchers" are feverishly reverse engineering the updates to develop exploits for private use and/or public release.
- May 21 Wed 2008 10:25
-
[賽迪網]研究稱蘋果Sarfari下載機制存缺陷或被感染
發佈時間:2008.05.20 07:55 來源:賽迪網 作者:劉彥青
【賽迪網訊】5月20日消息,據一名安全研究人員稱,蘋果Safari瀏覽器的下載機制中可能存在一個缺陷。
據國外媒體報導稱,安全研究人員加尼在其博客中寫道,無須獲得用戶允許,Sarfari 3.1就可以下載內容。加尼說,這一問題非常明顯:無須用戶同意,惡意軟件就會被下載到用戶桌面上。
最近有媒體報導稱,通過與iTunes和QuickTime等應用軟件捆綁,蘋果將Safari瀏覽器的市場份額提高了2倍。
Securosis.com的裡奇本週一表示,儘管自動下載功能在缺省狀態下不會遭遇這一問題,但這仍然意味著很大的安全風險。他說,在Windows系統中,下載的內容在缺省狀態下會下載到用戶的桌面上,黑客很容易就能誘騙用戶執行惡意軟件;在Mac OS X Leopard系統中,下載的內容會下載到「下載文件夾中,即使如此,如果黑客使用一個有吸引力的文件名,用戶仍然可能會受騙上當。
- May 21 Wed 2008 10:24
-
[賽迪網]安全廠商再拋新證據:Vista不安全64%染病毒
發佈時間:2008.05.21 07:51 來源:賽迪網 作者:友亞
【賽迪網訊】5月21日消息,據國外媒體報導,安全廠商PC Tools本週一又公佈了一批新證據,以此來證明微軟的新一代操作系統Windows Vista還沒有Windows 2000安全。
本月上旬,安全廠商PC Tools曾表示,WindowsVista比Windows2000還容易遭受惡意軟件攻擊。據PC Tools數據顯示,在1000台VistaPC中,有639台存在安全隱患。相比之下,Windows2000系統下的安全隱患數量為586台, Windows2003系統下為478台。
對於該數據,微軟發言人提出了質疑,並給出了微軟自己的數據,稱在2007年6月至 12月間,Vista被惡意軟件感染的比例僅為2.8%,低於XP SP2的7.2%。相比之下,Windows 2000 SP4的感染率為5%,Windows 2000 SP3為12.2%。
本週一,PC Tools再次拋出新證據,稱在去年11月至今的5個月內,在19.0692萬台Vista PC中,有12.1380萬台至少感染了一種惡意軟件,佔64%。最多時一台機器被感染了19個惡意代碼,其中74%為廣告插件,17%為特洛伊木馬。
- May 21 Wed 2008 10:20
-
[SANS]List of malicious domains inserted through SQL injection
Published: 2008-05-20,
Last Updated: 2008-05-20 16:55:25 UTC
by Raul Siles (Version: 3)
One of the main attack vectors we have seen during the last years are "silent" Web defacements, typically in the form of redirections to malicious JavaScript code that are inserted inside the contents of Web pages using iframes, images, or other HTML tags. As lots of Web servers get their contents (or part of them) directly from a database, SQL injection vulnerabilities are widely exploited to insert the malicious references. You can find some of the previous related ISC diary entries here (by using Google).
Unfortunately, there is no silver bullet method to identify if a Web site (Web server or database) has been infected with new HTML tags, due to the fact that complex Web environments typically contain hundreds of scripts, redirections and references. One way of checking if a Web site is vulnerable and has been compromised is by searching for the specific malicious domains hosting the JavaScript and pointed out by the inserted references. We always try to emphasize these malicious domains in the diary entries so that you can search for or even block them.
Last Updated: 2008-05-20 16:55:25 UTC
by Raul Siles (Version: 3)
One of the main attack vectors we have seen during the last years are "silent" Web defacements, typically in the form of redirections to malicious JavaScript code that are inserted inside the contents of Web pages using iframes, images, or other HTML tags. As lots of Web servers get their contents (or part of them) directly from a database, SQL injection vulnerabilities are widely exploited to insert the malicious references. You can find some of the previous related ISC diary entries here (by using Google).
Unfortunately, there is no silver bullet method to identify if a Web site (Web server or database) has been infected with new HTML tags, due to the fact that complex Web environments typically contain hundreds of scripts, redirections and references. One way of checking if a Web site is vulnerable and has been compromised is by searching for the specific malicious domains hosting the JavaScript and pointed out by the inserted references. We always try to emphasize these malicious domains in the diary entries so that you can search for or even block them.
- May 21 Wed 2008 10:19
-
[SANS]Java 6 Update 6 has been released
Published: 2008-05-20,
Last Updated: 2008-05-20 16:38:26 UTC
by Raul Siles (Version: 2)
Sun has released Java 6 Update 6 including 13 bug fixes. At first glance going through the Release Notes, only one of them seems to be security related, but as always, it is recommended to update to the latest version (after appropriate testing).
You can check your current Java version here. Thanks Roseman for the heads up!
Last Updated: 2008-05-20 16:38:26 UTC
by Raul Siles (Version: 2)
Sun has released Java 6 Update 6 including 13 bug fixes. At first glance going through the Release Notes, only one of them seems to be security related, but as always, it is recommended to update to the latest version (after appropriate testing).
You can check your current Java version here. Thanks Roseman for the heads up!
- May 15 Thu 2008 11:53
-
[CISCO]Cisco Security Advisory: Cisco Unified Communications Manager Denial of Service Vulnerabiliti
Advisory ID: cisco-sa-20080514-cucmdos
Revision 1.0
+---------------------------------------------------------------------
Summary
- May 15 Thu 2008 11:51
-
[CISCO]Cisco Security Advisory: Cisco Unified Communications Manager Denial of Service Vulnerabiliti
Advisory ID: cisco-sa-20080514-cucmdos
Revision 1.0
+---------------------------------------------------------------------
Summary
