Avast WEBforum

Other => Viruses and worms => Topic started by: polonus on November 10, 2015, 06:57:03 PM

Title: Script vulnerable, also used as attack script?
Post by: polonus on November 10, 2015, 06:57:03 PM

See: http://killmalware.com/3-tari.com/
See: https://www.virustotal.com/nl/url/79ccb979eff330a4c1ab214b852a311dffe3e06968261ee4a9cb482f151df26b/analysis/
See: https://www.virustotal.com/nl/file/c784376960f3163dc760bc019e72e5fed78203745a5510c69992a39d1d8fe776/analysis/
To be used securely?
Consider: -https://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js
Detected libraries:
jquery - 1.6.1 : -https://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js
Info: Severity: medium
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4969
http://research.insecurelabs.org/jquery/test/
Info: Severity: medium
http://bugs.jquery.com/ticket/11290
http://research.insecurelabs.org/jquery/test/
1 vulnerable library detected

See: http://www.domxssscanner.com/scan?url=https%3A%2F%2Fajax.googleapis.com%2Fajax%2Flibs%2Fjquery%2F1.6.1%2Fjquery.min.js
can be abused to embed keylogger code..and clickjacking vulnerability.

polonus

Title: Re: Script vulnerable, also used as attack script?
Post by: polonus on November 10, 2015, 07:22:18 PM

Where we find a likewise vulnerable library:
-http://www.pupha.net/
Detected libraries:
jquery-migrate - 1.2.1 : -http://www.pupha.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1
Info: Severity: medium
http://bugs.jquery.com/ticket/11290
http://research.insecurelabs.org/jquery/test/
jquery - 1.11.3 : -http://www.pupha.net/wp-includes/js/jquery/jquery.js?ver=1.11.3
1 vulnerable library detected

Is this patched: all-in-one-seo-pack   latest release (2.2.7.2)
http://semperfiwebdesign.com  100 % id-trackjing going on via this link: -http://jvn.jp/rss/jvnbox.js

pol