McAfee Gets Worked. Hard.

No replies
Tue, 05/05/2009 - 17:51
Patrick Gray
Patrick Gray's picture
User is online Online
Veteran Member
BloggerNetcasterSite Owner
Joined: 03/02/2009
Topic Source: 
McAfee Gets Worked. Hard.

Security software maker McAfee is an industry laughing stock following the disclosure of embarrassing security vulnerabilities in its websites.

A Cross Site Request Forgery (CSRF) vulnerability uncovered in McAfee's "secure" vulnerability scanning portal would have allowed attacker to take control of client accounts.

To fall victim to such an attack the target would have to be logged in to their McAfee account and browse to a malicious website that exploited the CSRF bug.

Top

Post new comment

  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

More information about formatting options

CAPTCHA
This question is for testing whether you are a human visitor and to prevent automated spam submissions.
Image CAPTCHA
Enter the characters (without spaces) shown in the image.