From: dinis at ddplus.net (dinis@...lus.net)
Subject: New malware to infect IIS and from there jump to clients

With the current (in)security of most (if not all) ISPs
that provide ASP.Net or ASP Classic shared hosting
services, all the attackers need to do is to get a
hosting account in a shared hosting server (trivial)
and infect these websites from the inside.

I haven't heard of any new IIS exploit (which doesn't
mean that they don't exist), but compromising the IIS
box from the inside (as seen by the Interland story) is
probably how this happened.

BTW, do you know which ISP hosts the 'compromised'
websites?

Dinis Cruz
.Net Security Consultant
DDPlus

On Fri, 25 Jun 2004 09:20:34 -0400, Gary Flynn wrote

> 
> Just a reminder. This isn't the first time this has
> happened:
> 
> http://www.computerworld.com/securitytopics/security/story/0,10801,84675,00.html?SKC=home84675
> 
> -- 
> Gary Flynn
> Security Engineer
> James Madison University