METAEYE - [metamorphic/security]



SQL Injection Vulnerability In AOL

Vendor: AOL

Severity: Critical

Dated: 2 November 2006

Explanation:

A definite SQL injection vulnerability was found in the AOL website. When malformed
input is injected into the URL parameter, information about the database, tables
and various queries is displayed on the web page.

Website Affected:

http://futbolmexicano.deportes.aol.com/apertura2006/home/promo/juegosdejornada.php?t='

You can see the injection output HERE

Vendor Status: Reported. The page has been removed.



Orkut help search anomaly.

The search bug, or anomaly, of metacharacters is again proliferating in Google
services. This time the bug hits the Orkut help search engine. If a long chain of
metacharacters is spamdexed, search results are very definitely returned. The point of
introspection is that sometimes different search strings of metacharacters produce the
same search results.
continued…



Google metacharacter SpamDexing Bug - An Anomaly

Note: The bug has been removed from the Google search engine.

Abstract:

This analysis is based on search engine bugs and anomalies. An anomaly is an
occurrence of an undesired result that originates from core problems that persist in
a search engine or in the algorithms applied. It is a defective layout in the search
engine that causes the anomaly or bug to occur. The empirical basis of its working relies on
the context in which it is applied.
continued…



MSN Search Dethrone Information Disclosure : Blacked

Abstract:
During continuous web assessment sessions I have been noticing the changes that have occurred in the MSN search engine. MSN has lifted its search criteria to a great extent, to where extraction of specific information has become difficult.
continued…



Meta Stroking - False Hits In Google

Abstract :
This article is directed against the false working layout of the Google algorithm; call it an anomaly.
It encompasses false meta stroking with web sites. The anomaly or bug lies in the
spamdexing pattern. A defined explanation is provided.
continued…



Advisories Lift Up

The advisories require a vendor response and patching of the vulnerability concerned.
MetaEye waits until a specific solution or response, with specifications, is undertaken
by the vendor.

MetaEye, under its prior conditions and policies, looks at every single point, and then the
advisory is made public.

Knowledge should not be negatively executed.

MetaEye



Orkut - Redirection Vulnerability In Glogin.aspx

Vendor : Orkut

Severity : Critical

Dated : 20 September 2006

Explanation :

A generic flaw exists in Orkut accounts. After successfully validating the login credentials, the
page redirects to the Orkut portal. The URL is

https://www.orkut.com/GLogin.aspx?done=http%3A%2F%2Fwww.orkut.com%2F

An attacker can attack through the done parameter by passing another website name, which
automatically redirects to the attacker's destined point, encompassing false positives.

The Example : -
https://www.orkut.com/GLogin.aspx?done=http://www.metaeye.org

Vendor Status : Reported And Patched
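
One way a login handler could validate the done parameter described above, shown as an added example (it is not Orkut's code and not part of the original advisory). The allow-list, the fallback URL and the function names are assumptions made for illustration.

```python
from urllib.parse import parse_qs, urlsplit

# Assumed values for this example; a real site would configure its own.
ALLOWED_HOSTS = {"www.orkut.com"}
DEFAULT_TARGET = "https://www.orkut.com/"


def safe_redirect_target(done, allowed_hosts=ALLOWED_HOSTS, default=DEFAULT_TARGET):
    """Return `done` if it stays on an allow-listed host, otherwise `default`."""
    if not done or done != done.strip():
        return default
    # Browsers treat "\" like "/" and drop control characters, so a value
    # containing either may be parsed differently here than in the browser.
    if "\\" in done or any(ord(c) < 0x20 or ord(c) == 0x7F for c in done):
        return default
    try:
        parts = urlsplit(done)
    except ValueError:  # e.g. a malformed bracketed host
        return default
    if not parts.scheme and not parts.netloc:
        # Relative target: accept only a rooted path such as "/Home.aspx".
        # Two or more leading slashes can resolve to another host in a browser.
        if done.startswith("/") and not done.startswith("//"):
            return done
        return default
    if parts.scheme not in ("http", "https"):
        return default
    # Reject userinfo outright: the text before "@" is not the host.
    if parts.username is not None or parts.password is not None:
        return default
    # hostname is lower-cased by urlsplit and excludes any port.
    return done if (parts.hostname or "") in allowed_hosts else default


def redirect_for_login_url(login_url):
    """Extract the percent-decoded `done` value from a GLogin.aspx URL and vet it."""
    query = parse_qs(urlsplit(login_url).query)
    return safe_redirect_target(query.get("done", [""])[0])
```

The comparison is an exact match on the parsed host rather than a substring or prefix test, so a look-alike name that merely contains www.orkut.com falls back to the default.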



SQL Injection In MSN

Vendor : MSN

Severity : Intermediate

Dated : 21 September 2006

Explanation :

A specific SQL injection exists in the MSN website. It reveals some crucial information about the
database, including the server name, database name, table name, etc.

Website : http://msn.microsoft.se/adstat/msnstats/sweden/redirect.asp

You can look at the injection output HERE

Vendor Status : Reported And Patched.



MSN msid Redirection Bug

Vendor : MSN

Severity : Critical

Dated : 26 September 2006

Explanation:

The MSN msid website possesses a very rogue redirection bug. Here the msid is used so that users who
possess specific GUIDs are redirected to the destined web page. This sets up not only zone transfer across
domains but also redirection of traffic. An attacker can leverage this so-called bug for exploiting the web
and including manipulated links. The attacker can also set up a third-party redirection if this is fused with
other redirection links, which indicates that the traffic is originating from MSN.

Example :

You can click on THIS to view redirection.

Vendor Status : Reported and not patched



Security Companies : Trodden Basics

The security world is burgeoning like an encaustic fire, but are security companies playing a
diversified role in dethroning the process of exploitation?

continued…