'[Full-disclosure] Xanga Hit By Script Worm?'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       full-disclosure
Subject:    [Full-disclosure] Xanga Hit By Script Worm?
From:       Matthew Murphy <mattmurphy () kc ! rr ! com>
Date:       2005-12-31 6:04:23
Message-ID: 43B61F67.1080200 () kc ! rr ! com
[Download RAW message or body]

[Attachment #2 (multipart/signed)]


-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

Haven't seen this discussed as yet, but it appears Xanga has been hit by
a cross-site scripting (XSS) worm similar to what hit MySpace recently...

http://blogs.securiteam.com/index.php/archives/166

I will post information to the blog as I am able to figure out more
about what it does.

- --
"Social Darwinism: Try to make something idiot-proof,
nature will provide you with a better idiot."

                                -- Michael Holstein

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFDth9mfp4vUrVETTgRA38UAJ9TX7oEL8O6WGggLjg4YF+OfxCCyQCfbZ3E
H2RA/+cHJB7aXLflIk5H7a0=
=ZO2a
-----END PGP SIGNATURE-----

["smime.p7s" (application/x-pkcs7-signature)]

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic