http://pierre.lacave.me/index.php? en Sat, 04 Sep 2010 08:00:26 +0100 http://blogs.law.harvard.edu/tech/rss Dotclear http://pierre.lacave.me/index.php?post/2010/01/18/Aurora-in-action urn:md5:f96cb63c7a583d51df46fb68badf6eae Mon, 18 Jan 2010 07:07:00 +0000 Pierre Lacave Security <p>the IE exploit used in the last week attack against google and other american companies is now on Metasploit</p> <p>here a video of aurora (the code name given my McAfee for this exploit)</p> <div class="external-media" style="margin: 1em auto; text-align: center;"> <object type="application/x-shockwave-flash" data="http://vimeo.com/moogaloop.swf?clip_id=8771582" width="640" height="284"> <param name="movie" value="http://vimeo.com/moogaloop.swf?clip_id=8771582" /> <param name="wmode" value="transparent" /> <param name="FlashVars" value="autoplay=0&amp;fullscreen=1&amp;show_title=1&amp;show_byline=1" /> </object> <br />The "Aurora" IE Exploit in Action </div> http://pierre.lacave.me/index.php?post/2010/01/18/Aurora-in-action#comment-form http://pierre.lacave.me/index.php?post/2010/01/18/Aurora-in-action#comment-form http://pierre.lacave.me/index.php?feed/atom/comments/13 http://pierre.lacave.me/index.php?post/2009/10/26/Web-Application-Security-Consortium-%28WASC%29-2008-report urn:md5:f0f6d4f28eaeea85763a31789d6fa457 Mon, 26 Oct 2009 13:34:00 +0000 Pierre Lacave Security <p>The Web Application Security Consotium has announced the statistics for 2008.</p> <p>The statistics includes data about 12186 web applications with 97554 detected vulnerabilities of different risk levels. The analysis shows that more than 13%* of all reviewed sites can be compromised completely automatically. About 49% of web applications contain vulnerabilities of high risk level (Urgent and Critical) detected during automatic scanning However, detailed manual and automated assessment by white box method allows to detect these high risk level vulnerabilities with probability up to 80-96%. The probability to detect vulnerabilities with risk level more than medium (PCI DSS compliance level) is more than 86% by any method. At the same time, detailed analysis shows that 99% of web applications are not compliant with PCI DSS standard.</p> <p>The most widespread vulnerabilities are Cross-Site Scripting, Information Leakage, SQL Injection, Insufficient Transport Layer Protection, Fingerprinting и HTTP Response Splitting. As a rule, Cross-Site Scripting, SQL Injection and HTTP Response Splitting vulnerabilities are caused by design errors, while Information Leakage, Insufficient Transport Layer Protection and Fingerprinting are often caused by insufficient administration (e.g., access control).</p> <blockquote><p>The probability to detect vulnerabilities of different risk levels <img src="http://pierre.lacave.me/public/image1.png" alt="t1" style="display:block; margin:0 auto;" title="t1, oct. 2009" /></p></blockquote> <blockquote><p>The most widespread vulnerabilities in web applications (% Vulns ALL) <img src="http://pierre.lacave.me/public/image2.png" alt="image2.png" style="display:block; margin:0 auto;" title="image2.png, oct. 2009" /></p></blockquote> <blockquote><p>The probability to detect the most widespread vulnerabilities in web applications (% Sites ALL) <img src="http://pierre.lacave.me/public/image3.png" alt="image3.png" style="display:block; margin:0 auto;" title="image3.png, oct. 2009" /></p></blockquote> <blockquote><p>Percent of vulnerabilities out of total number of vulnerabilities (% Vulns ALL) <img src="http://pierre.lacave.me/public/image4.png" alt="image4.png" style="display:block; margin:0 auto;" title="image4.png, oct. 2009" /></p></blockquote> <blockquote><p>The probability to detect vulnerabilities depending on their origin <img src="http://pierre.lacave.me/public/image5.png" alt="image5.png" style="display:block; margin:0 auto;" title="image5.png, oct. 2009" /></p></blockquote> <blockquote><p>The probability to detect the most risky vulnerabilities in Web applications (% Sites BlackBox &amp; WhiteBox) <img src="http://pierre.lacave.me/public/image9.png" alt="image9.png" style="display:block; margin:0 auto;" title="image9.png, oct. 2009" /></p></blockquote> <p>Source&nbsp;: <a href="http://projects.webappsec.org">projects.webappsec.org</a></p> http://pierre.lacave.me/index.php?post/2009/10/26/Web-Application-Security-Consortium-%28WASC%29-2008-report#comment-form http://pierre.lacave.me/index.php?post/2009/10/26/Web-Application-Security-Consortium-%28WASC%29-2008-report#comment-form http://pierre.lacave.me/index.php?feed/atom/comments/8