Windows User Group - Slovak Republic
Windows User Group - Slovak Republic Windows User Group - Slovak Republic
RSS
Windows User Group - Slovak Republic
prihlásenie
meno login
heslo
Automaticky prihlásiť
zabudli ste heslo?
zaregistrujte sa

kalendár podujatí
október 2018 november 2018 december 2018
po ut st št pi so ne
29 30 31 1 2 3 4
5 6 7 8 9 10 11
12 13 14 15 16 17 18
19 20 21 22 23 24 25
26 27 28 29 30 1 2
dnes 15.11.2018 dnes 15.11.2018

kto je online?
počet anonymných užívateľov: 3
počet prihlásených užívateľov: 2
teraz je online:
Bing [Bot], Google [Bot]

Top 10 najčítanejšie
1.Vytvorenie USB boot jed...
2.Oprava MBR sektoru bez ...
3.Windows 7 download
4.HTPC alebo ako si posta...
5.Konzole pro zotavení v...
6.Windows 7 RC v slovenč...
7.Inštalujte Windows z U...
8.Platené vs Zadarmo
9.Panika menom Conficker
10.Windows 7 RC download -...

Windows User Group - Slovak Republic

Kompromitovaná stránka McAffee.com
Windows User Group - Slovak Republic
Bezpečnosť > bezpečnosť

Kompromitovaná stránka McAffee.com

Windows User Group - Slovak Republic

Ako vidieť ani antivírové či bezpečnostné firmy sa moc nesnažia venovať vlastnej bezpečnosti.


20.3.2011 sway1990, člen skupiny InSecurity.Ro, hackol opatovne stránku ESET.ro (rumunský reseller ESETu)

Podľa oficiálnych informácií neunikli žiadne dôležité údaje a eset.ro urýchlene vykonal opravy.

(vyjadrenie ESETu: It was an SQL injection on the page where we keep our reseller map. The problem was fixed in the same day. There where no changes in the page or other damage to our image.)
Povedzme že išlo o relatívne slabú chybu a operatívne riešenie (do 12 hodín)

 

Na druhej strane je McAfee. Skupina YGN Ethical Hackers našla a oznámila už 10.2.2011 do McAfee chyby na ich stránke mcafee.com. Išlo o Cross site script diery (XSS vulnerability), neskrývanie interných url a viditeľnosť zdrojových súborov.

McAfee vydalo vyjadrenie 12.2.2011 v nasledovnom znení:

"We are working to resolve the issue as quickly as possible."

 

Nuž a po overení 27.3.2011 - problém stále pretrváva. (Ako vidieť v nižšie vloženom emaili od YGN)

 

Problém oproti ESETu je podstatne väčší. ESET  a ich lokálny resseleri nie sú prepojený z ničím (majú/mali by mať) lokálne servery na update a aj vlastnú databázu užívateľov.

 

Na druhej strane McAfee robí overovania aj pre zákazníkov a dáva im overenie bezpečnosti aj pre web (Verified by McAfee Secure) a ich databázy sú priamo prepojené s webstránkou.

Taktiež McAfee poskytuje firmám Security & Risk Management a analýzy. Takže by malo spĺňať isté normy.

 

Pokiaľ by ste daný problém chceli pozrieť podrobnejšie,  pekne ho spracoval Pablo Ximenes z Security Research Teamu na Univerzite v Ceará (Brazília)

 

 

 

Popis problému na McAfee.com:

From: YGN Ethical Hacker Group 
Date: Mon, 28 Mar 2011 00:02:47 +0800
Vulnerabilities in *McAfee.com
1. VULNERABILITY DESCRIPTION
-> Cross Site Scripting
http://download.mcafee.com/products/webhelp/4/1033/#javascript:top.location.replace('attacker.in')
-> Information Disclosure > Internal Hostname:
http://www.mcafee.com/js/omniture/omniture_profile.js
($ ruby host-extract.rb -a
http://www.mcafee.com/js/omniture/omniture_profile.js)
-> Information Disclosure > Source Code Disclosure:
view-source:http://download.mcafee.com/clinic/includes/commoninc/cookiecommon.asp
view-source:http://download.mcafee.com/clinic/includes/commoninc/appcommon.asp
view-source:http://download.mcafee.com/clinic/includes/commoninc/partnerCodesLibrary.asp
view-source:http://download.mcafee.com/clinic/Includes/common.asp
view-source:http://download.mcafee.com/updates/upgrade_patches.asp
view-source:http://download.mcafee.com/updates/common/dat_common.asp
view-source:http://download.mcafee.com/updates/updates.asp
view-source:http://download.mcafee.com/updates/superDat.asp
view-source:http://download.mcafee.com/eval/evaluate2.asp
view-source:http://download.mcafee.com/common/ssi/conditionals.asp
view-source:http://download.mcafee.com/common/ssi/errHandler_soft.asp
view-source:http://download.mcafee.com/common/ssi/variables.asp
view-source:http://download.mcafee.com/common/ssi/standard/oem/oem_controls.asp
view-source:http://download.mcafee.com/common/ssi/errHandler.asp
view-source:http://download.mcafee.com/common/ssi/common_subs.asp
view-source:http://download.mcafee.com/us/upgradeCenter/productComparison_top.asp
view-source:http://download.mcafee.com/us/bannerAd.asp
view-source:http://download.mcafee.com/common/ssi/standard/global_foot_us.asp
2. RECOMMENDATION
- Fully utilize Mcafee FoundStone Experts
- Use outbound monitoring of traffic to detect potential information leakage
3. VENDOR
McAfee Inc
http://www.mcafee.com
4. DISCLOSURE TIME-LINE
2011-02-10: reported vendor
2011-02-12: vendor replied "we are working to resolve the issue as
quickly as possible"
2011-03-27: vulnerability found to be unfixed completely
2011-03-27: vulnerability disclosed
5. REFERENCES
Original Advisory URL:
http://yehg.net/lab/pr0js/advisories/sites/mcafee.com/[mcafee]_xss_infoleak
Former Disclosure, 2008:
http://www.theregister.co.uk/2008/06/13/security_giants_xssed/
Former Disclosure, 2009:
http://news.softpedia.com/news/McAfee-Websites-Vulnerable-to-Attacks-110...
Former Disclosure, 2010:
http://security-sh3ll.blogspot.com/2010/04/mcafee-communities-xss-deface...
host-extract: http://code.google.com/p/host-extract/
Demo: http://yehg.net/lab/pr0js/training/view/misc/XSSing_McAfee_Secured/
xssed: http://www.xssed.com/search?key=mcafee.com
Lessont Learn: http://blogs.mcafee.com/mcafee-labs/from-xss-to-root-lessons-learned-fro...
#yehg [2011-03-27]
Windows User Group - Slovak RepublicWindows User Group - Slovak Republic Redhawk | utorok 29. marca 2011 16:54 | Prečítané: 3821 x | neohodnotené |
Windows User Group - Slovak Republic
Windows User Group - Slovak Republic

 
Windows User Group - Slovak Republic
vyhľadávanie

partneri
SecTec - Think secure

Počítačová škola GOPAS

2 % od Vás pre WUG
2 % od Vás pre WUG

sponzori






Windows User Group - Slovak Republic
Windows User Group - Slovak Republic
Windows User Group - Slovak Republic

Copyright © 2008 Windows User Group Slovensko

Windows User Group - Slovak Republic domov Windows User Group - Slovak Republic o nás Windows User Group - Slovak Republic podujatia Windows User Group - Slovak Republic odkazy Windows User Group - Slovak Republic informačné kanály Windows User Group - Slovak Republic
Windows User Group - Slovak Republic