Security Researcher to Reveal New Web Attack Vector

Post by TeMerc » Fri Nov 07, 2008 1:12 pm

By Brian Prince

Security researcher Stephan Chenette of Websense says he has found a new way to slip Web exploits by client or gateway defenses. He calls the technique script fragmentation and says the attack vector is similar to the TCP fragmentation attacks that gained notoriety years ago. Chenette will make a presentation of his findings next week at the PacSec security conference in Tokyo.

His attack method is reminiscent of TCP fragmentation attacks and involves breaking down Web exploits into smaller pieces and distributing them in a synchronous manner to evade signature detection. According to Chenette, the attack can be performed without any special tools or add-ons.

“There’s no big chunk of maliciousness to it [where] there’s enough information there that anybody who’s looking at it, either signature or [with behavioral analysis], will really make any sense of it to say, ‘this is malicious,’” he explained.

Chenette said he tested the technique on all the major browsers, including Internet Explorer, Firefox and Safari, and found all were susceptible. Strictly speaking, however, it is not a browser vulnerability – it only takes advantage of the way Web browsers and applications operate.

Continued @ eWeek

