Avast community forum
Home
Help
Search
Login
Register
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Blacklisted, vulnerable and malicious website?
« previous
next »
Print
Pages: [
1
]
Go Down
Author
Topic: Blacklisted, vulnerable and malicious website? (Read 1253 times)
0 Members and 1 Guest are viewing this topic.
polonus
Avast Überevangelist
Probably Bot
Posts: 34053
malware fighter
Blacklisted, vulnerable and malicious website?
«
on:
March 05, 2016, 12:22:57 AM »
According to latest scans no longer malicious per se.
See:
https://sitecheck.sucuri.net/results/1to1interactive.net
Alerted: Known javascript malware. Details:
http://sucuri.net/malware/entry/mw:js:gen2?web.js.injection.megaadvertize.001
Web server header ifo proliferation: Apache/2.2.31 Unix mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4
Retirable jQuery library: -http://1to1interactive.net
Detected libraries:
jquery-migrate - 1.2.1 : -http://1to1interactive.net/site/wp-includes/js/jquery/jquery-migrate.min.js?ver=7949efc7e50688089ab43726818f5999
Info: Severity: medium
http://bugs.jquery.com/ticket/11290
http://research.insecurelabs.org/jquery/test/
jquery - 1.11.3 : (active1) -http://1to1interactive.net
jquery-ui-dialog - 1.10.2 : (active1) -http://1to1interactive.net
jquery-ui-autocomplete - 1.10.2 : (active1) -http://1to1interactive.net
jquery-ui-tooltip - 1.10.2 : (active1) -http://1to1interactive.net
jquery.prettyPhoto - 3.1.5 : (active1) -http://1to1interactive.net
Info: Severity: high
https://github.com/scaron/prettyphoto/issues/149
https://blog.anantshri.info/forgotten_disclosure_dom_xss_prettyphoto
(active) - the library was also found to be active by running code
2 vulnerable libraries detected
For some scans I get no data.
WordPress Plugins
The following plugins were detected by reading the HTML source of the WordPress sites front page.
ultimate-posts-widget latest release (2.0.5)
http://wordpress.org/plugins/ultimate-posts-widget/
simple-share-buttons-adder latest release (6.1.5)
https://simplesharebuttons.com
contact-form-7 latest release (4.4)
http://contactform7.com/
LayerSlider
Plugins are a source of many security vulnerabilities within WordPress installations, always keep them updated to the latest version available and check the developers plugin page for information about security related updates and fixes.
Consider:
http://www.domxssscanner.com/scan?url=http%3A%2F%2F1to1interactive.net%2Fsite%2Fwp-includes%2Fjs%2Fwp-embed.min.js%3Fver%3D7949efc7e50688089ab43726818f5999
polonus
«
Last Edit: March 05, 2016, 12:43:55 AM by polonus
»
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
polonus
Avast Überevangelist
Probably Bot
Posts: 34053
malware fighter
Re: Blacklisted, vulnerable and malicious website?
«
Reply #1 on:
March 06, 2016, 10:08:54 PM »
Updated and still with outdated software:
HTTP Server: Apache HTTP Server 2.2.31
Operating System: Unix
PHP Version: 5.3.29 (Outdated)
OpenSSL Version: 1.0.1e-fips
Control Panel: cPanel
Webserver header info proliferation: Apache/2.2.31 Unix mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4
-> ssl/http Apache httpd 2.2.31 ((Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4)
http-methods: Potentially risky methods: TRACE
Re:
http://toolbar.netcraft.com/site_report?url=http://1to1interactive.net
polonus
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
Print
Pages: [
1
]
Go Up
« previous
next »
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Blacklisted, vulnerable and malicious website?