Security Incidents mailing list archives
MS06-044 XSS exploits in the wild
From: "Moyer, Shawn - St. Louis, MO" <shawn.moyer () stl usda gov>
Date: Fri, 22 Dec 2006 11:26:15 -0600
We have seen a number of XSS exploit attempts with MS06-044 payloads in the past few days. Several are using the site below to load payloads. The attackers appear to be compromising small ecommerce sites via SQL injection vulns and then loading the XSS from there. The code is hosted on the site below, and loads payloads for IE / MS06-044 and Firefox 1.5.4 and 1.0.4. http://ijk.cc./E/ -- shawn Shawn Moyer, CISSP CCNA CNIE OCIO :: ITS :: Operations Security 1520 Market Street (FC-432B) Saint Louis, MO, 63103
Current thread:
- MS06-044 XSS exploits in the wild Moyer, Shawn - St. Louis, MO (Dec 22)