Saturday, August 7, 2010

Tenable Network Security XSS Defacement

XSS,redirect and html injection another time!

About? Tenable's award winning products are agentless solutions and architected for the continuous monitoring of vulnerabilities,configurations,data leakage,log analysis and compromise detection and are used by thousands of organizations both large and small around the world.

Although Tenable is known primarily for its Nessus vulnerability scanner product,Tenable's Unified Security Monitoring solution consists of four fully integrated software applications: Tenable's Security Center,Nessus,the Passive Vulnerability Scanner and the Log Correlation Engine.

Proof of Concept: XSS and redirect HERE

and now I can say only; WHAT THE FUCK ? is the second time

Edit: bug fixed / Sun Aug 08 2010

No comments: