New Exploit Uses JavaScript To Compromise Intranets, VPNs

New Exploit Uses JavaScript To Compromise Intranets, VPNs 87

Posted by timothy on Thursday June 11, 2009 @06:40PM from the criminal-enterprises-deal-in-cache dept.

redsoxh8r writes "Security researcher Robert Hansen, known as Rsnake, has developed a new class of attack that abuses a weakness in many corporate intranets and most browsers to compromise remote machines with persistent JavaScript backdoors. Threatpost reports: 'The attacks rely on the long-term caching policies of some browsers and take advantage of the collisions that can occur when two different networks use the same non-routable IP address space, which happens fairly often because the amount of address space is quite small. The bottom line is that even a moderately skilled attacker has the ability to compromise remote machines without the use of any vulnerability or weakness in the client software.'"

New Exploit Uses JavaScript To Compromise Intranets, VPNs

Search 87 Comments Log In/Create an Account

Comments Filter:

Phew! (Score:5, Funny)

by unifyingtheory ( 1357069 ) writes: on Thursday June 11, 2009 @06:46PM (#28301775) Homepage

Good thing I don't use the Internet.

Re:You need your eyes examined (Score:4, Funny)

by Anonymous Coward writes: on Thursday June 11, 2009 @08:44PM (#28302907)

That's not what the ladies say... ;)

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

New Exploit Uses JavaScript To Compromise Intranets, VPNs 87

New Exploit Uses JavaScript To Compromise Intranets, VPNs More Login

New Exploit Uses JavaScript To Compromise Intranets, VPNs

Phew! (Score:5, Funny)

Re:You need your eyes examined (Score:4, Funny)

Related Links Top of the: day, week, month.

Slashdot Top Deals

Slashdot