Wednesday, December 25, 2013

Namecheap CSRF Vulnerability could lead to DNS Hijacking

A Security researcher Henry Hoggard has discovered a cross site request forgery(CSRF) vulnerability in the Namecheap website that could lead attackers to hijack the DNS records.
An attacker could have exploited this vulnerability and redirect the websites to fake website.  The attacker could also have managed to display defacement message.In his blog post, the researcher said the vulnerability could allowed hackers to redirect MX records and intercept email.

In an email sent to ThreatPost, the researcher said "This would have impacted all customers, which I’m sure is a lot of high profile websites, as Namecheap is one of the most popular domain registrars".





0 comments:

Post a Comment

 

Subscribe in Bloglines Msn bot last visit powered by MyPagerank.Net Yahoo bot last visit powered by MyPagerank.Net
I heart FeedBurner downtime checker The Ubuntu Counter Project - user number # 31290

 
Twitter Delicious Facebook Digg Stumbleupon Favorites More

 
Powered by TadPole
FOG FLAMES