Security-Alerts mailing list archive (security-alerts@yandex-team.ru)


[security-alerts] FW: [WEB SECURITY] Russian hackers broke into a RI GOV website




> -----Original Message-----
> From: Evans, Arian [mailto:Arian.Evans@xxxxxxxxxxxxxxxxxxx] 
> Sent: Wednesday, February 01, 2006 2:21 AM
> To: Jeremiah Grossman; websecurity@xxxxxxxxxxxxx
> Subject: RE: [WEB SECURITY] Russian hackers broke into a RI GOV website
> 
> The details are explicit. It is a dynamic SQL query in PHP
> to a MySQL backend. Screenshots, syntax, and details in
> Russian right here:
> 
> http://www.xakep.ru/post/29550/default.asp 
> 
> For some befuddled English you can cut and paste the URL
> right here into this app:
> 
> http://www.appliedlanguage.com/free_translation.shtml
> 
> Circa y2k SQLi. Do we consider this old school yet?
> 
> -ae
> 
> > -----Original Message-----
> > From: Jeremiah Grossman [mailto:jeremiah@xxxxxxxxxxxxxxx] 
> > Sent: Tuesday, January 31, 2006 4:11 PM
> > To: websecurity@xxxxxxxxxxxxx
> > Subject: [WEB SECURITY] Russian hackers broke into a RI GOV website
> > 
> > 
> > 
> > "Hackers broke into the official Rhode Island state government Web
> > site, www.ri.gov late last month and stole 4,117 credit card numbers,
> > according to New England Interactive (NEI), the company that manages
> > the site."
> > 
> > The "how they did it" details are scarce, but the following quote  
> > makes me think SQL Injection or something similar.
> > 
> > "We discovered the breach on Dec. 28," said NIC spokesman Chris Neff.
> > "It was due to an error in a line of software code that our local
> > office in Rhode Island that manages the state's portal [NEI] had
> > written. So we immediately closed that breach, fixed that error and
> > initiated a deeper investigation, including a follow-up security scan
> > of the entire site."
> > 
> > 
> > Hackers steal credit card info from R.I. Web site
> > http://www.fcw.com/article92132-01-27-06-Web
> > 
> > State gov't site hacked, credit card numbers stolen
> > http://www.networkworld.com/news/2006/013006-state-site-hacked.html
> > 
> > 
> > Credit card numbers stolen off state Web site
> > Thousands stolen from Rhode Island site run by contractor
> > http://www.msnbc.msn.com/id/11064775/from/ET/
> > 
> > 
> > 
> > Regards,
> > 
> > Jeremiah Grossman
> > Founder and CTO, WhiteHat Security, Inc.
> > www.whitehatsec.com
> > 
> > 



 



