[ISN] Koizumi Web site made visitors' data vulnerable to hackers

From: InfoSec News (isnat_private)
Date: Fri Mar 15 2002 - 04:24:09 PST

    http://home.kyodo.co.jp/all/display.jsp?an=20020314004
    
    2002/03/15 
    
    TOKYO, March 13, Kyodo - The Internet site of Prime Minister Junichiro
    Koizumi's office poses the danger that the personal data of visitors
    to the site can be obtained by hackers, a Web security research
    company said Wednesday.
    
    The defect was found on the page called ''We Solicit Your Opinions,''
    a segment of the site which is also the source of the e-mail magazine
    of the prime minister, said Vagabond Co. based in Tokyo.
    
    Vagabond alerted the prime minister's office to the presence of the
    security problem Monday.
    
    The prime minister's office suspended the operations of the page in
    question on Wednesday, because the Vagabond warning took two days
    before reaching the official in charge of the site, a cabinet official
    said.
    
    The prime minister's office is trying to fix the security defect and
    eliminate the problem by Thursday morning.
    
    The official said, ''It remains unknown whether personal information
    of the people who visited this site was passed on'' to hackers. ''The
    possibility is very low,'' the official said.
    
    The official also denied suggestions that personal data of subscribers
    to the premier's e-mail magazine might have been stolen by any hacker.
    
    Government sources said the site -- until it was suspended -- posed
    the danger that if a hacker had posted a special computer program for
    stealing the personal data of visitors, it could have passed such data
    on to the hacker.
    
    This possibility of data leaking through an unguarded Web site is
    known as a cross-site scripting vulnerability.
    
    
    