defacements for the installation of malcode

To: php-wars@xxxxxxxxxxxxxxxxxxxxxx
Subject: defacements for the installation of malcode
From: Gadi Evron <ge@xxxxxxxxxxxx>
Date: Mon, 12 Feb 2007 10:17:18 -0600 (CST)
Cc: botnets@xxxxxxxxxxxxxxxxxxxxxx, full-disclosure@xxxxxxxxxxxxxxxxx, bugtraq@xxxxxxxxxxxxxxxxx
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

Websense just released a blog post on how sites get defaced for malicious
purposes other than the defacement itself, such as installing mallicious
software on visiting users.

This is yet another layer of abuse of web server attack platforms.

You can find their post here:
http://www.websense.com/securitylabs/blog/blog.php?BlogID=109

        Gadi.

Prev by Date: Firefox: serious cookie stealing / same-domain bypass vulnerability
Next by Date: Re: [Full-disclosure] Firefox: serious cookie stealing / same-domain bypass vulnerability
Previous by thread: Re: [Full-disclosure] Firefox: serious cookie stealing / same-domain bypass vulnerability
Next by thread: RE: defacements for the installation of malcode
Index(es):
- Date
- Thread