[WEB SECURITY] MSN site hacked in South Korea

Ofer Shezaf Ofer.Shezaf at breach.com
Thu Jun 9 19:05:10 EDT 2005


I can do that. 

I think that the best thing would be to classify them according to
WASC-TC. I will start working on the existing material next week.

~ Ofer

Ofer Shezaf
CTO, Breach Security
Phone (US): +1 (760) 268.1924 ext. 702
Phone (Israel): +972 (9) 956.0036 ext.212
Cell: +972 (54) 443.1119
ofers at breach.com
http://www.breach.com


> -----Original Message-----
> From: Jeremiah Grossman [mailto:jeremiah at whitehatsec.com]
> Sent: Wednesday, June 08, 2005 7:36 PM
> To: websecurity at webappsec.org
> Subject: Re: [WEB SECURITY] MSN site hacked in South Korea
> 
> 
> It looked to me like the MSN Korea Web site was an "incident", while
> the Hotmail XSS news stories were a "disclosure". I've added the links
> I'm aware of under the appropriate sections. Thanks for the submission
> Ofer
> 
> Real World Web Hacking URL's
> http://www.webappsec.org/documents/real_world_web_hacking.shtml
> 
> 
> About your comment on adding the vulnerability/attack information to
> each link, I think it's a great idea. Actually, some of the link
> submissions I received originally had this data included.  To get a
> more consistent set, we'd need some assistance to review each news
> story and apply a best guess. Anyone on the list want to volunteer?
> 
> Regards,
> 
> Jeremiah-
> 
> 
> 
> On Wednesday, June 8, 2005, at 02:07  AM, Ofer Shezaf wrote:
> 
> >
> > Well, not just in South Korea
> >
> > http://www.pcmag.com/article2/0,1759,1825250,00.asp
> >
> > Jeremiah, can you add it to the "Real World Web Hacking URL's" page?
> > Another idea regarding this page is to try to categorize it by the
> > vulnerability type, which would provide interesting statistics for
> > the eternal debate about "which vulnerability is most common"
> >
> > ~ Ofer
> >
> > ---
> > MSN Site Flaw Exposes Hotmail Accounts to Prying Eyes
> > 06.07.05
> >
> > By Libe Goad
> > One week after hackers exploited a weakness in the MSN Korea Web site,
> > Microsoft admitted to taking down part of its MSN site over the weekend
> > after learning about a flaw that would allow hackers to access Hotmail
> > accounts.
> > Reports say the MSN Web site, ilovemessenger.msn.com, contained a
> > cross-site scripting flaw. That means someone could potentially use the
> > site to obtain user data via "cookies," or bits of user data, by having
> > MSN customers click on a malicious URL. Once someone clicked the URL,
> > hackers would be able to access their personal e-mail accounts.
> >
> >
> >
> > Ofer Shezaf
> > CTO, Breach Security
> > Phone (US): +1 (760) 268.1924 ext. 702
> > Phone (Israel): +972 (9) 956.0036 ext.212
> > Cell: +972 (54) 443.1119
> > ofers at breach.com
> > http://www.breach.com
> >
> >> -----Original Message-----
> >> From: zeno at cgisecurity.net [mailto:zeno at cgisecurity.net]
> >> Sent: Friday, June 03, 2005 5:54 AM
> >> To: websecurity at webappsec.org
> >> Subject: [WEB SECURITY] MSN site hacked in South Korea
> >>
> >> Just found this on cnn a few minutes ago.
> >>
> >> "WASHINGTON (AP) -- Microsoft acknowledges that hackers booby-trapped its
> >> MSN Web site in South Korea to steal passwords from visitors. The company
> >> says it was unclear how many Internet users might have been victimized."
> >>
> >> ...
> >>
> >> "The Korean site, unlike U.S. versions, was operated by another company,
> >> which Microsoft did not identify. Microsoft's own experts and Korean police
> >> were investigating, but Microsoft believes the computers were vulnerable
> >> because operators failed to apply necessary software patches, said Sohn,
> >> an MSN director."
> >>
> >> http://www.cnn.com/2005/TECH/06/02/ms.hack.ap/index.html
> >>
> >>
> >>
> >>
> >> - zeno
> >> http://www.cgisecurity.com
> >>
> >>
> >> ---------------------------------------------------------------------
> >> The Web Security Mailing List
> >> http://www.webappsec.org/lists/websecurity/
> >>
> >> The Web Security Mailing List Archives
> >> http://www.webappsec.org/lists/websecurity/archive/

