Wednesday, April 16, 2008

Spot the Fed or Spot the Pony - CIA XSS

I can't resist. Giorgio Maone posted this here, having seen it on the Wired blog.
The repros say it all, and mind you, this "opportunity" has been public for days, yet the CIA hasn't fixed or disabled it. As Wired alluded, methinks the Cyber Security 'Manhattan Project' hasn't quite reached fruition yet.
For you fans of the "alqa-ida pony club" go here, but if you'd prefer to read about wunderkind Chertoff's latest spew try this. Both execute in the context of cia.gov. Sad, to say the least. Hopefully, these won't work much longer.
Screenshots if you'd prefer.




del.icio.us | digg

No comments:

Toolsmith Tidbit: Windows Auditing with WINspect

WINSpect recently hit the toolsmith radar screen via Twitter, and the author, Amine Mehdaoui , just posted an update a couple of days ago, ...