Slashdot Mirror

← Back to Stories (view on slashdot.org)

New Exploit Uses JavaScript To Compromise Intranets, VPNs

Posted by timothy on from the criminal-enterprises-deal-in-cache dept.

redsoxh8r writes "Security researcher Robert Hansen, known as Rsnake, has developed a new class of attack that abuses a weakness in many corporate intranets and most browsers to compromise remote machines with persistent JavaScript backdoors. Threatpost reports: 'The attacks rely on the long-term caching policies of some browsers and take advantage of the collisions that can occur when two different networks use the same non-routable IP address space, which happens fairly often because the amount of address space is quite small. The bottom line is that even a moderately skilled attacker has the ability to compromise remote machines without the use of any vulnerability or weakness in the client software.'"

2 of 87 comments (clear)

  1. Phew! by unifyingtheory · · Score: 5, Funny

    Good thing I don't use the Internet.

  2. Re:You need your eyes examined by Anonymous Coward · · Score: 4, Funny

    That's not what the ladies say... ;)