Internet Explorer suffers from an input validation error that could be exploited by phishing scammers to steal information from users of that browser.
France's FrSIRT confirmed the flaw with the IE resource page 'res://ieframe.dll/navcancl.htm'. The input validation error could be exploited when that page generates a 'Refresh the page' link.
The report about the low-risk, remotely exploitable issue said attackers could spoof the displayed address bar by tricking a user into clicking on the "Refresh the page" link while visiting a malicious web page.
This problem affects the latest version of the browser, IE 7. Security researcher Aviv Raff first noted the vulnerability, and listed IE 7 on XP and Vista as being vulnerable to it.
He described the issue as "a design flaw in IE" and provided an example scenario where it could be exploited:
To perform a phishing attack, an attacker can create a specially crafted navcancl.htm local resource link with a script that will display fake content of a trusted site (e.g. bank, PayPal, MySpace).
When the victim opens the link that was sent by the attacker, a "Navigation Canceled" page will be displayed. The victim will think that there was an error in the site or some kind of network error and will try to refresh the page. Once he clicks on the "Refresh the page." link, the attacker's provided content (e.g. fake login page) will be displayed and the victim will think that he's within the trusted site, because the address bar shows the trusted site's URL.
No formal patch or workaround has been provided by Microsoft yet. Raff suggested people should not trust the 'Navigation Canceled' page in IE until this has been fixed.
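Until a patch lands, one thing a mail or web gateway can do is refuse to deliver links that use the IE local-resource scheme at all, since 'res://' links have no legitimate reason to appear in content arriving from outside. The following is an added example written for this article, not code from Microsoft, FrSIRT or Aviv Raff; it assumes a gateway that can hand it the HTML or plain-text body of a message, and the sample message it scans is constructed here for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Schemes that externally supplied content should never link to.
# 'res' is the IE local-resource scheme behind the navcancl.htm spoof.
BLOCKED_SCHEMES = {"res"}

# Plain-text bodies carry no tags, so also look for bare res:// URLs.
_BARE_URL_RE = re.compile(r"\bres://[^\s\"'<>]+", re.IGNORECASE)


class _LinkCollector(HTMLParser):
    """Collect every href/src attribute value from an HTML fragment."""

    def __init__(self):
        super().__init__()
        self.links = []

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if name in ("href", "src") and value:
                self.links.append(value.strip())


def extract_links(body):
    """Return all link targets found in an HTML or plain-text body, in order."""
    collector = _LinkCollector()
    collector.feed(body)
    found = list(collector.links)
    found.extend(m.group(0) for m in _BARE_URL_RE.finditer(body))
    # De-duplicate while keeping first-seen order.
    seen, unique = set(), []
    for link in found:
        if link not in seen:
            seen.add(link)
            unique.append(link)
    return unique


def suspicious_links(body):
    """Return the links whose scheme is on the block list (case-insensitive)."""
    flagged = []
    for link in extract_links(body):
        scheme = urlparse(link).scheme.lower()
        if scheme in BLOCKED_SCHEMES:
            flagged.append(link)
    return flagged


# Constructed sample message: one ordinary HTTPS link and one link to the
# local resource page named in the advisory. Only the latter should be flagged.
SAMPLE_MESSAGE = (
    '<p>Your statement is ready: '
    '<a href="https://bank.example.com/statement">View statement</a></p>'
    '<p><a href="res://ieframe.dll/navcancl.htm">Refresh the page</a></p>'
)

if __name__ == "__main__":
    for link in suspicious_links(SAMPLE_MESSAGE):
        print("blocked link:", link)
```

Dropping or rewriting any message that returns a non-empty list is a coarse control, but it costs nothing in false positives because no ordinary web site links to res:// resources.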
Remotely exploitable flaw disclosed for OpenBSD: It's only the second such hole ever found in a default install of the OpenBSD operating system. The Core Security website discussed the remote kernel buffer overflow that could impact OpenBSD's IPv6 mbufs:
The OpenBSD kernel contains a memory corruption vulnerability in the code that handles IPv6 packets. Exploitation of this vulnerability can result in:
1) Remote execution of arbitrary code at the kernel level on the vulnerable systems (complete system compromise), or
2) Remote denial of service attacks against vulnerable systems (system crash due to a kernel panic).
The issue can be triggered by sending a specially crafted IPv6 fragmented packet.
OpenBSD systems using default installations are vulnerable because the default pre-compiled kernel binary (GENERIC) has IPv6 enabled and OpenBSD's firewall does not filter inbound IPv6 packets in its default configuration.
The impact of the flaw appears to be mitigated, judging by Core Security's note that exploiting it first requires "direct physical/logical access to the target's local network." A security fix for the problem has been issued.
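Because the advisory attributes the default exposure to pf passing inbound IPv6 unfiltered, a host that does not need IPv6 can close the window before the kernel fix is applied by filtering it explicitly. The pf.conf lines below are an added example for this article, not OpenBSD's shipped configuration or anything from Core Security; the interface name em0 is an assumption and should be replaced with the external interface of the host in question.

```conf
# Added example; not OpenBSD's default pf.conf.
# Weak default described in the advisory: with no inet6 rule, pf's
# default action is to pass, so inbound IPv6 reaches the kernel's
# fragment handling unfiltered.
#
# Interim hardening for a host that does not need IPv6: drop and log
# every inbound IPv6 packet on the external interface.
ext_if = "em0"          # assumed external interface name

block in log quick on $ext_if inet6 all
```

Hosts that actually serve IPv6 traffic cannot take this route and should install the released fix instead; on the others, the log entries from this rule double as a cheap indicator of who is probing IPv6 on the network.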
About the Author: David Utter is a technology writer for SecurityProNews, WebProNews, and InternetFinancialNews.