Script insecurity on htxp://ocsp2.globalsign.com

polonus · 2017-03-16T12:11:15.000Z

See: http://retire.insecurity.today/#!/scan/d67500194aa46778834f04df92adddf7254d4ad1dfa6963ac2cf96559d456400
2 vulnerable libraries detected on Cloudflare nginx server h2 , spdy/3.1, http/1.1 DNS:-ssl359303.cloudflaressl.com
risk rating 9 red out of 10: http://toolbar.netcraft.com/site_report?url=http%3A%2F%2F104.16.28.216%2F
Open SSL. POST /gsorganizationvalsha2g2 HTTP/1.1
Host: -ocsp2.globalsign.com → https://observatory.mozilla.org/analyze.html?host=ocsp2.globalsign.com
No sources beside sinks detected: http://www.domxssscanner.com/scan?url=http%3A%2F%2Focsp2.globalsign.com
Re: http://research.insecurelabs.org/jquery/test/
and again javascript at the core of the problem.

polonus

polonus · 2017-03-16T17:07:30.000Z

Similar situation here: https://sritest.io/#report/c41dbd04-6e3b-4bfe-a13a-7eb8a1c8defe
and https://observatory.mozilla.org/analyze.html?host=tubejack.nl
check plug-ins for updates: https://hackertarget.com/wordpress-security-scan/
vulnerable jQuery library: http://retire.insecurity.today/#!/scan/1d8a69f8ab84fd0e4b8c2efd92aca53670608f2a806637efed09886511b99296
various sources and sinks: http://www.domxssscanner.com/scan?url=https%3A%2F%2Ftubejack.nl
Have to add this vulnerability there also: http://retire.insecurity.today/#!/scan/792275039ee53608d3f656d266e6b46883f317296c274d25d795e0104b9167ab

polonus

polonus · 2017-03-16T18:10:14.000Z

Script insecurity is everywhere for instance: htxp://www.derbeobachter.net/wp-content/plugins/nggallery/thickbox/thickbox-pack.js?ver=3.1.1
error:

error: line:4: SyntaxError: missing ; before statement:
error: line:4: Results from scanning URL: -http:/www.derbeobachter.net/wp-
error: line:4: ^

Read on error: https://developer.mozilla.org/pl/docs/Web/JavaScript/Reference/Errors/Missing_semicolon_before_statement

Where we have found that? Here in a site that is being blocked for me: uBlock₀ blocked the following:
htxps://bat.bing dot com/bat.js
Reason is the following filter
-||bat.bing.com^
This filter is listed here: EasyPrivacy

polonus

Announcements