Securehosting, not so secure after all? [SOLVED]

See: http://toolbar.netcraft.com/site_report?url=http://shclient.nl
75% of the trackers on this site could be protecting you from NSA snooping. Tell securehoster.nl to fix it.
Unique IDs about your web browsing habits have been insecurely sent to third parties.

2vXXXXXXXXXXXXX9ukvro6b90 s1.securehoster.nl shared with 4 parties involved:
-s1.securehoster.nl
-local.adguard.com (secure)
-Google
-ww.mustbebuilt.co.uk -www.mustbebuilt.co.uk (extension).
Google Analytics tracking mainly.

jQuery libraries to be retired asap:
-https://s1.securehoster.nl/
Detected libraries:
jquery - 1.6.3 : (active1) -https://s1.securehoster.nl/js/jquery-1.6.3.min.js
Info: Severity: medium
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4969
http://research.insecurelabs.org/jquery/test/
Info: Severity: medium
http://bugs.jquery.com/ticket/11290
http://research.insecurelabs.org/jquery/test/
jquery-ui-autocomplete - 1.8.16 : -https://s1.securehoster.nl/js/jquery-ui-1.8.16.custom.min.js (UI widget).
(active) - the library was also found to be active by running code
1 vulnerable library detected
DNS fail and warning: http://www.dnsinspect.com/securehoster.nl/1450016185
Name servers without A records.
Found missing name servers:
-ns3.securehoster.eu.
WARNING: Name servers software versions are exposed.
Also consider: http://toolbar.netcraft.com/site_report?url=http://5.200.2.99

polonus (volunteer website security analyst and website error-hunter)
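To show what a retire.js-style check like the one above actually does, here is an added example (not code from the thread or from any of the tools it cites): it pulls library names and versions out of script includes and flags the ones below a minimum version. The HTML sample is constructed from the URLs in the thread, and the minimum versions are illustrative placeholders, not the real advisory ranges.

```python
import re

# Constructed sample page: the three includes the thread talks about,
# plus one current jQuery include added for contrast.
SAMPLE_HTML = """
<script src="https://s1.securehoster.nl/js/jquery-1.6.3.min.js"></script>
<script src="https://s1.securehoster.nl/js/jquery-ui-1.8.16.custom.min.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js"></script>
<script src="https://s1.securehoster.nl/js/jquery-3.1.0.min.js"></script>
"""

SCRIPT_SRC = re.compile(r'<script[^>]+src=["\']([^"\']+)["\']', re.I)
# Handles both ".../jquery-1.6.3.min.js" and ".../jquery/1.6.2/jquery.min.js" layouts;
# "jquery-ui" is listed first so it is not mistaken for plain "jquery".
LIB_VERSION = re.compile(r'(jquery-ui|jquery)[-/](\d+(?:\.\d+)+)', re.I)

# ASSUMED policy: placeholder minimum versions the site owner accepts.
# A real scanner takes these ranges from a vulnerability database (e.g. retire.js).
MIN_ACCEPTED = {"jquery": (1, 9, 0), "jquery-ui": (1, 10, 0)}


def parse_version(text):
    """'1.8.16' -> (1, 8, 16), so versions compare numerically, not as strings."""
    return tuple(int(part) for part in text.split("."))


def find_libraries(html):
    """Return (library, version, url) for every recognised script include."""
    found = []
    for url in SCRIPT_SRC.findall(html):
        match = LIB_VERSION.search(url)
        if match:
            found.append((match.group(1).lower(), match.group(2), url))
    return found


def outdated(html):
    """Subset of find_libraries() whose version is below the accepted minimum."""
    return [(lib, ver, url) for lib, ver, url in find_libraries(html)
            if parse_version(ver) < MIN_ACCEPTED[lib]]


if __name__ == "__main__":
    for lib, ver, url in outdated(SAMPLE_HTML):
        print(f"retire: {lib} {ver} at {url}")
```

Note that a version-string check only sees what is referenced in the HTML; the "(active)" marker in the scan above comes from additionally running the page and observing the library at runtime.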

Hi polonus,

Thanks for your research.

I think the title of this post is too loud for this research. There are no critical issues in your report, as far as I can see.

We have updated the jQuery lib 8)

Looks like you missed one during the update.
http://retire.insecurity.today/#!/scan/a44d2ddf323b04c77032745c942e7338cc106f1d92fc0ce9241e57ac289b0bf7

Well Eddy, you are right for that library, re: http://domstorm.skepticfx.com/modules?id=529bbe6e125fac0000000003
e.g. -http://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js

And @“SecureHoster” thank you very much for your reaction, this gives us all hope. Pro-active secure hosting, that is just what the community needs, and that is why we report here. Pointing out some weaknesses overlooked always helps. Security does not only mean monitoring and analyzing logs, it is also about retiring vulnerable code. Zip it for later reference and then take it down.

polonus (volunteer website security analyst and website error-hunter)

Hey Eddy! Well, it’s not a critical issue to be fixed right now. It’s just a website, not a system. We are already busy with a new website, so it will be updated soon.

Thanks, polonus :wink:

Is it possible to move this thread from “viruses and worms” to another forum/section? :-\

Didn’t know about the new website.
I guess it will be up soon.
If not, I sure would fix that issue, even if it is rated as medium.
Better safe than sorry, as they say :wink:

Yes the thread can be moved by people who have moderation rights.
But there is no need to move it.
This is the correct forum for it.

Hi Eddy,

We should always determine this according to the following raw formula: number of vulnerabilities times severity of the vulnerabilities times how easily these vulnerabilities can be exploited. In case user enumeration is enabled, I scale this as a high-risk vulnerability.
In the case of XSS DOM sinks and sources it depends on where these have access (so the third denominator of that formula).

polonus