[ISN] [defaced-commentary] ISS Defaced

From: InfoSec News (isnat_private)
Date: Mon May 05 2003 - 22:22:35 PDT

Next message: InfoSec News: "[ISN] Private eyes now on the e-trail"

Previous message: InfoSec News: "[ISN] Software Bullet Is Sought to Kill Musical Piracy"
Next in thread: InfoSec News: "RE: [ISN] [defaced-commentary] ISS Defaced"
Reply: InfoSec News: "RE: [ISN] [defaced-commentary] ISS Defaced"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---------- Forwarded message ----------
Date: Mon, 5 May 2003 18:26:49 -0400 (EDT)
From: security curmudgeon <jerichoat_private>
To: defaced-commentaryat_private
Subject: [defaced-commentary] ISS Defaced

http://www.zone-h.org/en/news/read/id=2657/

Iss.net webdavized... where is the security?

G00db0y www.zone-h.org admin
05/05/2003

Where is the security if also a site of a big security company is hacked?

Today a very well known security company was defaced using the last webdav
vulnerability. You can find more about this vulnerability here:

http://www.microsoft.com/technet/security/bulletin/ms03-007.asp

Internet Security System (www.iss.net) was not hacked in the main server
but in a secondary site. Everywhere USG hacked them.

The USG team replaced the main page with these words: "ISS Hacked By
ShellCode And rD of USG! FUCK BUSH, BLAIR And SHARON AND FUCK ALL WHO
SUPPORT THE WAR... greetz: DKD, FBH, S4t4n1c_S0uls and all who support
us".

You can see by yourself here:

http://xfiw.iss.net

Mirror here:
http://www.zone-h.org/en/defacements/view/id=258882/

-
The information and commentary is Copyright 2002, by the individual author.
Permission is granted to quote, reprint or redistribute provided the text is not
altered, and the author and attrition.org is credited. The opinions expressed
in this mail are not necessarily the opinion of all Attrition staff members.

Commentary Archive: http://www.attrition.org/security/commentary/
The Attrition Mirror: http://www.attrition.org/mirror/attrition/
Country/TLD Statistics: http://www.attrition.org/mirror/attrition/country.html
Attrition Defacement Statistics: http://www.attrition.org/mirror/attrition/stats.html
Operating System Graphs: http://www.attrition.org/mirror/attrition/os-graphs.html

Other Web Defacement Mailing Lists: http://www.attrition.org/security/lists.html
Contacting Attrition Staff: staffat_private

To subscribe to Defaced Commentary, send mail to majordomoat_private
with "subscribe defaced-commentary" in the BODY of the mail (without
quotes). To unsubscribe, include "unsubscribe defaced-commentary" in
the BODY of the mail.

-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomoat_private with 'unsubscribe isn'
in the BODY of the mail.

Next message: InfoSec News: "[ISN] Private eyes now on the e-trail"
Previous message: InfoSec News: "[ISN] Software Bullet Is Sought to Kill Musical Piracy"
Next in thread: InfoSec News: "RE: [ISN] [defaced-commentary] ISS Defaced"
Reply: InfoSec News: "RE: [ISN] [defaced-commentary] ISS Defaced"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue May 06 2003 - 00:06:05 PDT