Saturday, August 7, 2010
Tenable Network Security XSS Defacement
XSS,redirect and html injection another time!
About? Tenable's award winning products are agentless solutions and architected for the continuous monitoring of vulnerabilities,configurations,data leakage,log analysis and compromise detection and are used by thousands of organizations both large and small around the world.
Although Tenable is known primarily for its Nessus vulnerability scanner product,Tenable's Unified Security Monitoring solution consists of four fully integrated software applications: Tenable's Security Center,Nessus,the Passive Vulnerability Scanner and the Log Correlation Engine.
Proof of Concept: XSS and redirect HERE
and now I can say only; WHAT THE FUCK ? is the second time
Edit: bug fixed / Sun Aug 08 2010