標籤 inzeed 下的所有文章

Gcon Tech Solutions v1.0 SQL Injection Web Security Vulnerabilities

gconts_sql2

 

Gcon Tech Solutions v1.0 SQL Injection Web Security Vulnerabilities

 

Exploit Title: Gcon Tech Solutions v1.0 content.php? &id Parameter SQL Injection Security Vulnerabilities

Product: Gcon Tech Solutions

Vendor: Gcon Tech Solutions

Vulnerable Versions: v1.0

Tested Version: v1.0

Advisory Publication: May 24, 2015

Latest Update: May 24, 2015

Vulnerability Type: Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) [CWE-89]

CVE Reference: *

Impact CVSS Severity (version 2.0):

CVSS v2 Base Score: 7.5 (HIGH) (AV:N/AC:L/Au:N/C:P/I:P/A:P) (legend)

Impact Subscore: 6.4

Exploitability Subscore: 10.0

Writer and Reporter: Wang Jing [School of Physical and Mathematical Sciences (SPMS), Nanyang Technological University (NTU), Singapore] (@justqdjing)

 

 

 

Recommendation Details:

 

(1) Vendor & Product Description:

Vendor:

Gcon Tech Solutions

 

Product & Vulnerable Versions:

Gcon Tech Solutions

v1.0

 

Vendor URL & Download:

Gcon Tech Solutions can be obtained from here,

http://www.gconts.com/Development.htm

 

Google Dork:

“Developed and maintained by Gcon Tech Solutions"

 

Product Introduction Overview:

“Over the years we have developed business domain knowledge various business areas. We provide Development Services either on time and material or turn-key fixed prices basis, depending on the nature of the project. Application Development Services offered by Gcon Tech Solutions help streamline business processes, systems and information. Gcon Tech Solutions has a well-defined and mature application development process, which comprises the complete System Development Life Cycle (SDLC) from defining the technology strategy formulation to deploying, production operations and support. We fulfill our client’s requirement firstly from our existing database of highly skilled professionals or by recruiting the finest candidates locally. We analyze your business requirements and taking into account any constraints and preferred development tools, prepare a fixed price quote. This offers our customers a guaranteed price who have a single point contact for easy administration. We adopt Rapid Application Development technique where possible for a speedy delivery of the Solutions. Salient Features of Gcon Tech Solutions Application Development Services: (a) Flexible and Customizable. (b) Industry driven best practices. (c) Knowledgebase and reusable components repository. (d) Ensure process integration with customers at project initiation"

 

 

 

(2) Vulnerability Details:

Gcon Tech Solutions web application has a computer cyber security bug problem. It can be exploited by SQL Injection attacks. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

Several other similar products 0-day vulnerabilities have been found by some other bug hunter researchers before. Gcon Tech Solutions has patched some of them. CXSECurity is a huge collection of information on data communications safety. Its main objective is to inform about errors in various applications. It also publishes suggestions, advisories, solutions details related to SQL Injection vulnerabilities and cyber intelligence recommendations.

 

(2.1) The first programming code flaw occurs at “content.php?" page with “&id" parameter.

 

 

 

 

 

References:

http://www.tetraph.com/security/sql-injection-vulnerability/gcon-tech-solutions-v1-0-sql/

http://securityrelated.blogspot.com/2015/05/gcon-tech-solutions-v10-sql.html

http://www.diebiyi.com/articles/security/gcon-tech-solutions-v1-0-sql/

http://www.inzeed.com/kaleidoscope/computer-web-security/gcon-tech-solutions-v1-0-sql/

http://computerobsess.blogspot.com/2015/05/gcon-tech-solutions-v10-sql.html

https://itswift.wordpress.com/2015/05/23/gcon-tech-solutions-v1-0-sql/

http://whitehatpost.blog.163.com/blog/static/242232054201542455422939/

https://webtechwire.wordpress.com/2015/05/24/gcon-tech-solutions-v1-0-sql/

https://www.mail-archive.com/fulldisclosure%40seclists.org/msg01766.html

http://cxsecurity.com/issue/WLB-2015040036

http://seclists.org/fulldisclosure/2015/May/32

https://www.bugscan.net/#!/x/21454

http://lists.openwall.net/full-disclosure/2015/05/08/8

http://permalink.gmane.org/gmane.comp.security.fulldisclosure/1955

 

Web Technology Wire

gconts_sql2

Gcon Tech Solutions v1.0 SQL Injection Web Security Vulnerabilities

Exploit Title: Gcon Tech Solutions v1.0 content.php? &id Parameter SQL Injection Security Vulnerabilities

Product: Gcon Tech Solutions

Vendor: Gcon Tech Solutions

Vulnerable Versions: v1.0

Tested Version: v1.0

Advisory Publication: May 24, 2015

Latest Update: May 24, 2015

Vulnerability Type: Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) [CWE-89]

CVE Reference: *

Impact CVSS Severity (version 2.0):

CVSS v2 Base Score: 7.5 (HIGH) (AV:N/AC:L/Au:N/C:P/I:P/A:P) (legend)

Impact Subscore: 6.4

Exploitability Subscore: 10.0

Writer and Reporter: Wang Jing [School of Physical and Mathematical Sciences (SPMS), Nanyang Technological University (NTU), Singapore] (@justqdjing)

Recommendation Details:

(1) Vendor & Product Description:

Vendor:

Gcon Tech Solutions

Product & Vulnerable Versions:

Gcon Tech Solutions

v1.0

Vendor URL & Download:

Gcon Tech Solutions can be obtained from here,

http://www.gconts.com/Development.htm

Google Dork:

“Developed and maintained by Gcon Tech Solutions"

Product Introduction Overview:

“Over the years…

View original post 詳見內文:約319字

phpwind v8.7 XSS (Cross-site Scripting) Web Security Vulnerabilities

phpwind_xss1

 

phpwind v8.7 XSS (Cross-site Scripting) Web Security Vulnerabilities

 

Exploit Title: phpwind v8.7 goto.php? &url Parameter XSS Security Vulnerabilities

Product: phpwind

Vendor: phpwind

Vulnerable Versions: v8.7

Tested Version: v8.7

Advisory Publication: May 25, 2015

Latest Update: May 25, 2015

Vulnerability Type: Cross-Site Scripting [CWE-79]

CVE Reference: *

Impact CVSS Severity (version 2.0):

CVSS v2 Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:P/A:N) (legend)

Impact Subscore: 2.9

Exploitability Subscore: 8.6

CVSS Version 2 Metrics:

Access Vector: Network exploitable; Victim must voluntarily interact with attack mechanism

Access Complexity: Medium

Authentication: Not required to exploit

Impact Type: Allows unauthorized modification

Writer and Reporter: Wang Jing [School of Physical and Mathematical Sciences (SPMS), Nanyang Technological University (NTU), Singapore] (@justqdjing)

 

 

 

Caution Details:

 

(1) Vendor & Product Description:

Vendor:

phpwind

 

Product & Vulnerable Versions:

phpwind

v8.7

 

Vendor URL & Download:

Product can be obtained from here,

http://www.phpwind.net/thread/166

 

Product Introduction Overview:

“phpwind (abbreviation: pw) is a program based on PHP and MySQL open source community, and is one of the most popular general-Forum. phpwind ofstar first version was released in 2004. As of December 2013 phpwind brand items calculated by Ali cloud Co., Ltd. has, fully free open source software. Now accumulated more than one million websites use phpwind products, of which nearly 100,000 active website. Since the 2011 release PHPWind8.x series version, phpwind enhance community around the content value and promote community e-commerce two general direction of the development of multi-mode single-core products and achieve new forms of community. 2012 preparations for the release of phpwind9.0 will use self-developed Windframework phpwind framework and integrated computing architecture and so on Ali community cloud platform application center will provide a variety of solutions for future communities.

Today, the country’s 200,000 worth of small sites, there are nearly 100,000 community site uses phpwind, has accumulated more than one million sites use phpwind, there are 1,000 new sites every day use phpwind. These community sites covering 52 types of trades every day one million people gathered in phpwind build community, issued 50 million new information, visit more than one billion pages.

National Day PV30 million or more in 1000 about a large community, there are more than 500 sites selected phpwind station software provided, including by scouring link Amoy satisfaction, a daily e-commerce and marketing groups, and other on-line product vigorously increase in revenue for the site. Excellent partners, such as Xiamen fish, of Long Lane, Erquan network, Kunshan forum, the North Sea 360, Huizhou West Lake, Huashang like."

 

 

 

(2) Vulnerability Details:

phpwind web application has a computer cyber security bug problem. It can be exploited by XSS attacks. This may allow a remote attacker to create a specially crafted request that would execute arbitrary script code in a user’s browser session within the trust relationship between their browser and the server.

Several other similar products 0-day vulnerabilities have been found by some other bug hunter researchers before. phpwind has patched some of them. CXSECurity is a huge collection of information on data communications safety. Its main objective is to inform about errors in various applications. It also publishes suggestions, advisories, solutions details related to XSS vulnerabilities and cyber intelligence recommendations.

 

(2.1) The first programming code flaw occurs at “&url" parameter in “/goto.php?" page.

 

 

 

 

 

References:

http://www.tetraph.com/security/xss-vulnerability/phpwind-v8-7-xss/

http://www.inzeed.com/kaleidoscope/computer-security/phpwind-v8-7-xss/

https://webtechwire.wordpress.com/2015/05/24/phpwind-v8-7-xss/

http://diebiyi.com/articles/security/phpwind-v8-7-xss/

http://securityrelated.blogspot.com/2015/05/phpwind-v87-xss.html

https://www.facebook.com/permalink.php?story_fbid=939922519396264&id=874373602617823

https://itswift.wordpress.com/2015/05/24/phpwind-v8-7-xss/

https://www.mail-archive.com/fulldisclosure%40seclists.org/msg01904.html

http://whitehatpost.blog.163.com/blog/static/24223205420154248491580/

http://cxsecurity.com/issue/WLB-2015040033

http://seclists.org/fulldisclosure/2015/Apr/38

https://www.facebook.com/essayjeans/posts/832797850144702

https://www.bugscan.net/#!/x/21257

http://lists.openwall.net/full-disclosure/2015/04/05/9

http://permalink.gmane.org/gmane.comp.security.fulldisclosure/1954

Web Technology Wire

phpwind_xss1

phpwind v8.7 XSS (Cross-site Scripting) Web Security Vulnerabilities

Exploit Title: phpwind v8.7 goto.php? &url Parameter XSS Security Vulnerabilities

Product: phpwind

Vendor: phpwind

Vulnerable Versions: v8.7

Tested Version: v8.7

Advisory Publication: May 25, 2015

Latest Update: May 25, 2015

Vulnerability Type: Cross-Site Scripting [CWE-79]

CVE Reference: *

Impact CVSS Severity (version 2.0):

CVSS v2 Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:P/A:N) (legend)

Impact Subscore: 2.9

Exploitability Subscore: 8.6

CVSS Version 2 Metrics:

Access Vector: Network exploitable; Victim must voluntarily interact with attack mechanism

Access Complexity: Medium

Authentication: Not required to exploit

Impact Type: Allows unauthorized modification

Writer and Reporter: Wang Jing [School of Physical and Mathematical Sciences (SPMS), Nanyang Technological University (NTU), Singapore] (@justqdjing)

Caution Details:

(1) Vendor & Product Description:

Vendor:

phpwind

Product & Vulnerable Versions:

phpwind

v8.7

Vendor URL & Download:

Product can be obtained from here,

http://www.phpwind.net/thread/166

Product Introduction Overview:

“phpwind (abbreviation: pw) is a program based on…

View original post 詳見內文:約398字

phpwind v8.7 Unvalidated Redirects and Forwards Web Security Vulnerabilities

phpwind_xss2

 

phpwind v8.7 Unvalidated Redirects and Forwards Web Security Vulnerabilities

 

Exploit Title: phpwind v8.7 goto.php? &url Parameter Open Redirect Security Vulnerabilities

Product: phpwind

Vendor: phpwind

Vulnerable Versions: v8.7

Tested Version: v8.7

Advisory Publication: May 25, 2015

Latest Update: May 25, 2015

Vulnerability Type: URL Redirection to Untrusted Site (‘Open Redirect’) [CWE-601]

CVE Reference: *

Impact CVSS Severity (version 2.0):

CVSS v2 Base Score: 5.8 (MEDIUM) (AV:N/AC:M/Au:N/C:P/I:P/A:N) (legend)

Impact Subscore: 4.9

Exploitability Subscore: 8.6

CVSS Version 2 Metrics:

Access Vector: Network exploitable; Victim must voluntarily interact with attack mechanism

Access Complexity: Medium

Authentication: Not required to exploit

Impact Type: Allows unauthorized disclosure of information; Allows unauthorized modification

Writer and Reporter: Wang Jing [School of Physical and Mathematical Sciences (SPMS), Nanyang Technological University (NTU), Singapore] (@justqdjing)

 

 

 

Caution Details:

 

(1) Vendor & Product Description:

Vendor:

phpwind

 

Product & Vulnerable Versions:

phpwind

v8.7

 

Vendor URL & Download:

Product can be obtained from here,

http://www.phpwind.net/thread/166

 

Product Introduction Overview:

“Today, the country’s 200,000 worth of small sites, there are nearly 100,000 community site uses phpwind, has accumulated more than one million sites use phpwind, there are 1,000 new sites every day use phpwind. These community sites covering 52 types of trades every day one million people gathered in phpwind build community, issued 50 million new information, visit more than one billion pages. National Day PV30 million or more in 1000 about a large community, there are more than 500 sites selected phpwind station software provided, including by scouring link Amoy satisfaction, a daily e-commerce and marketing groups, and other on-line product vigorously increase in revenue for the site. Excellent partners, such as Xiamen fish, of Long Lane, Erquan network, Kunshan forum, the North Sea 360, Huizhou West Lake, Huashang like.

phpwind recent focus on strengthening community media value, expand e-commerce applications community. phpwind focus on small sites to explore the value of integration and applications, we believe that the website that is community, the community can provide a wealth of applications to meet people access to information, communication, entertainment, consumer and other living needs, gain a sense of belonging, become online home . With the development of the Internet, in the form of the site will be more abundant, the integration of the Forum, more forms of information portals, social networking sites, we will integrate these applications to products which, and to create the most optimized user experience. phpwind mission is to make the community more valuable, so that more people enjoy the convenience of the Internet community in order to enhance the quality of life."

 

 

 

(2) Vulnerability Details:

phpwind web application has a computer cyber security bug problem. It can be exploited by Unvalidated Redirects and Forwards (URL Redirection) attacks. This could allow a user to create a specially crafted URL, that if clicked, would redirect a victim from the intended legitimate web site to an arbitrary web site of the attacker’s choosing. Such attacks are useful as the crafted URL initially appear to be a web page of a trusted site. This could be leveraged to direct an unsuspecting user to a web page containing attacks that target client side software such as a web browser or document rendering programs.

Several other similar products 0-day vulnerabilities have been found by some other bug hunter researchers before. phpwind has patched some of them. The Full Disclosure mailing list is a public forum for detailed discussion of vulnerabilities and exploitation techniques, as well as tools, papers, news, and events of interest to the community. FD differs from other security lists in its open nature and support for researchers’ right to decide how to disclose their own discovered bugs. The full disclosure movement has been credited with forcing vendors to better secure their products and to publicly acknowledge and fix flaws rather than hide them. Vendor legal intimidation and censorship attempts are not tolerated here! It also publishs suggestions, advisories, solutions details related to Open Redirect vulnerabilities and cyber intelligence recommendations.

 

(2.1) The first programming code flaw occurs at “&url" parameter in “/goto.php?" page.

 

 

 

 

 

References:

http://www.tetraph.com/security/open-redirect/phpwind-v8-7-open-redirect/

http://securityrelated.blogspot.com/2015/05/phpwind-v87-xss.html

http://www.inzeed.com/kaleidoscope/computer-security/phpwind-v8-7-open-redirect/

https://www.facebook.com/permalink.php?story_fbid=836880753013969&id=767438873291491

https://webtechwire.wordpress.com/2015/05/24/phpwind-v8-7-open-redirect-2/

http://diebiyi.com/articles/security/phpwind-v8-7-open-redirect/

https://www.mail-archive.com/fulldisclosure%40seclists.org/msg01741.html

https://itswift.wordpress.com/2015/05/24/phpwind-v8-7-open-redirect/

http://whitehatpost.blog.163.com/blog/static/242232054201542495731506/

http://cxsecurity.com/issue/WLB-2015030028

http://seclists.org/fulldisclosure/2015/Apr/35

http://www.openwall.com/lists/oss-security/2015/05/22/7

http://permalink.gmane.org/gmane.comp.security.oss.general/16883

https://www.facebook.com/websecuritiesnews/posts/796475067139332

http://computerobsess.blogspot.com/2015/05/phpwind-v87-open-redirect.html

http://lists.openwall.net/full-disclosure/2015/04/15/1

http://permalink.gmane.org/gmane.comp.security.fulldisclosure/1841

Web Technology Wire

phpwind_xss2

phpwind v8.7 Unvalidated Redirects and Forwards Web Security Vulnerabilities

Exploit Title: phpwind v8.7 goto.php? &url Parameter Open Redirect Security Vulnerabilities

Product: phpwind

Vendor: phpwind

Vulnerable Versions: v8.7

Tested Version: v8.7

Advisory Publication: May 25, 2015

Latest Update: May 25, 2015

Vulnerability Type: URL Redirection to Untrusted Site (‘Open Redirect’) [CWE-601]

CVE Reference: *

Impact CVSS Severity (version 2.0):

CVSS v2 Base Score: 5.8 (MEDIUM) (AV:N/AC:M/Au:N/C:P/I:P/A:N) (legend)

Impact Subscore: 4.9

Exploitability Subscore: 8.6

CVSS Version 2 Metrics:

Access Vector: Network exploitable; Victim must voluntarily interact with attack mechanism

Access Complexity: Medium

Authentication: Not required to exploit

Impact Type: Allows unauthorized disclosure of information; Allows unauthorized modification

Writer and Reporter: Wang Jing [School of Physical and Mathematical Sciences (SPMS), Nanyang Technological University (NTU), Singapore] (@justqdjing)

Caution Details:

(1) Vendor & Product Description:

Vendor:

phpwind

Product & Vulnerable Versions:

phpwind

v8.7

Vendor URL & Download:

Product can be obtained from here,

View original post 詳見內文:約536字

Covert Redirect Mengancam OAuth 2.0 dan OpenID

Covert Redirect Mengancam OAuth 2.0 dan OpenID

Pada Jumat lalu, Wang Jing, seorang mahasiswa program PhD di Nanyang Technological University di Singapura, menerbitkan sebuah laporan yang memjabarkan tentang metode serangan yang disebut dengan “Covert Redirect” dan memperkenalkannya sebagai kerentanan atau vulnerable di OAuth 2.0 dan OpenID.
 

1881159

 
Cara kerja OAuth 2.0 dan OpenID sendiri adalah dengan memberikan akses bagi pengguna layanan ini untuk mendapatkan domain yang dapat mengakses menggunakan kredensial yang telah ada kepada website lain seperti Facebook, Google, Microsoft atau LinkedIn. Dengan akses yang didapatkan pengguna layanan ini dapat menghapus sebuah akun dan menggantinya dengan akun yang baru.

 

http://www.inzeed.com/kaleidoscope/computer-security/covert-redirect-mengancam-oauth-2-0-dan-openid/

比翼鳥資訊 - 在天願作比翼鳥 在地願為連理枝

Covert Redirect Mengancam OAuth 2.0 dan OpenID

Pada Jumat lalu, Wang Jing, seorang mahasiswa program PhD di Nanyang Technological University di Singapura, menerbitkan sebuah laporan yang memjabarkan tentang metode serangan yang disebut dengan “Covert Redirect” dan memperkenalkannya sebagai kerentanan atau vulnerable di OAuth 2.0 dan OpenID. Namun ini bukan pertama kalinya masalah mengenai ini diangkat dan ini tidak seburuk Heartbleed.

computer-code2

Cara kerja OAuth 2.0 dan OpenID sendiri adalah dengan memberikan akses bagi pengguna layanan ini untuk mendapatkan domain yang dapat mengakses menggunakan kredensial yang telah ada kepada website lain seperti Facebook, Google, Microsoft atau LinkedIn. Dengan akses yang didapatkan pengguna layanan ini dapat menghapus sebuah akun dan menggantinya dengan akun yang baru.

http://essaybeans.lofter.com/post/1cc77d20_439424e

View original post

एक अन्य Heartbleed?वेब सुरक्षा में पाया दोषों, Covert Redirect

比翼鳥資訊 - 在天願作比翼鳥 在地願為連理枝

एक अन्य Heartbleed?वेब सुरक्षा में पाया दोषों, Covert Redirect

इंटरनेट अब भी Heartbleed बग से जूझ रहा है, जबकि सुरक्षा प्रोटोकॉल OAuth 2.0 और OpenID में एक प्रमुख नए भेद्यता खोज की गई है.

internet-computer-security

सिंगापुर में नानयांग प्रौद्योगिकी विश्वविद्यालय की पीएचडी की छात्रा वांग जिंग हैकर्स उपयोगकर्ताओं को जानने के बिना प्रवेश जानकारी चोरी करने की कोशिश में फ़िशिंग तकनीक का उपयोग करने की अनुमति देता है कि एक बग देखा.

बग अनिवार्य रूप से साइबर अपराधी के बजाय डोमेन faking के अधिक आम रणनीति का एक फ़िशिंग पॉपअप सत्ता में असली वेबसाइट प्रमाणीकरण का उपयोग करने की अनुमति देता है.इस प्रक्रिया में, हैकर्स उपयोगकर्ता के लॉगिन क्रेडेंशियल प्राप्त होगा.

http://essayjeans.lofter.com/post/1cc7459a_43bf99e

View original post

하트블리드 이어 ‘오픈ID’와 ‘오쓰(OAuth)’서도 심각한 보안 결함

covert_redirect_logo_tetraph


‘하트블리드(Heartbleed)’ 버그에 이어 가입자 인증 및 보안용 오픈소스 SW인 ‘오픈ID’와‘오쓰(OAuth)’에도 심각한 결함이 발견됐다고 씨넷, 벤처비트 등 매체들이 보도했다.

 

싱 가폴난양대학교에 재학중인 ‘왕 징(Wang Jing)’ 박사는 수 많은 웹사이트와 구글, 페이스북, 링크드인, MS, 페이팔 등에서 사용하고 있는 로그인 툴인 ‘OAuth’와‘오픈ID’에 치명적인 결함이 발견됐다고 밝혔다. ‘코버트리디렉트(Covert Redirect)’라고 일컬어지는 이 결함은 감염된 도메인의 로그인 팝업을 통해 해킹이 이뤄진다.

 

가 령 인터넷 사용자들이 악의적인 피싱 사이트를 클릭하면 가입자 인증을 위해 페이스북 팝업 윈도가 뜨는데 가입자를 속이 기위해 가짜 도메인 이름을 사용하는 것이 아니라 진짜 사이트의 도메인을 활용한다고 한다. 만일 가입자가 로그인을 하면 합법적인 사이트가 아니라 피싱사이트로 e메일 주소, 생일, 연락처 등 개인 정보들이 흘러들어간다.

 

왕 은 페이스북 등 업체에 이 같은 결함을 알렸으며 페이스북은 결함이 OAuth 2.0가 연관된 것으로 인식하고 있지만 짧은 시간내 해결될 수는 없을 것이란 답을 얻은 것으로 알려졌다. 왕은 이번 결함이 구글, 링크드인, 마이크로소프트, 페이스북, 페이팔 등 다수의 오픈ID와 OAuth를 활용하는 기업들이 영향을 받을 것으로 예상했다.

 

왕 은 “제3의 애플리케이션 개발자들이 화이트리스트를 엄격하게 적용하면 해커 공격의 빌미를 제공하지 않을 것”이라고 말했다. 하지만 “실제로 많은 애플리케이션 개발자들이 여러가지 이유로 이런 조치를 취하지않고 있다는 게 OAuth 2.0과 오픈ID의 결함 문제를 심각하게 만들고 있다”고 덧붙였다.

 

 



 

Xuất hiện lỗ hổng Covert Redirect, bản sao của “Trái tim rỉ máu"

比翼鳥資訊 - 在天願作比翼鳥 在地願為連理枝

Xuất hiện lỗ hổng Covert Redirect, bản sao của “Trái tim rỉ máu"

Một nghiên cứu sinh tại trường Đại học Công nghệ Nanyang (Singapore) vừa phát hiện một lỗ hổng bảo mật tồn tại trong phần mềm mã nguồn mở đang được rất nhiều website sử dụng. Thông tin mới nhất cho thấy lỗ hổng này ảnh hưởng đến cả Google, Facebook, Microsoft, LinkedIn, PayPal và một số công ty lớn khác.

Fast binary output

Wang Jing, nghiên cứu sinh tiến sĩ tại Đại học Công nghệ Nanyang là người phát hiện ra lỗ hổng đang tồn tại trong công cụ đăng nhập mã nguồn mở OAuth và OpenID. Wang Jing gọi lỗ hổng này là “Covert Redirect" (tạm dịch là Bí mật chuyển hướng). Hacker có thể gài mã độc ẩn dưới dạng một cửa sổ pop-up, hiện ra khi người dùng đăng nhập vào một website có lỗ hổng. Chẳng hạn như khi người dùng…

View original post 詳見內文:約36字