General discussion

Bofra/IFrame Exploits on More Web Sites (updated)

Bofra/IFrame Exploits on More Web Sites. The Storm Center received a report this morning of a high profile UK website that contains a pointer on their main page to another URL hosting the Bofra/IFrame exploit. We have confirmed that if this site is visited using Internet Explorer the exploit will be downloaded. The site owners have been notified.

UPDATE, 1525 UTC. The site in the UK has been fixed. We have received reports of sites in Sweden and the Netherlands that were also compromised. This may indicate a more wide-spread attack across Europe. One suggestion is that the advertising servers rather than the sites themselves contain the exploit, which of course means that perhaps hundreds of sites are affected.

Marcus H. Sachs
Director, SANS Internet Storm Center

http://isc.sans.org/diary.php?date=2004-11-20

Also here:

News: Major Exploit Underway...

http://www.dslreports.com/forum/remark,11904374~mode=flat

Discussion is locked
Follow
Reply to: Bofra/IFrame Exploits on More Web Sites (updated)
PLEASE NOTE: Do not post advertisements, offensive materials, profanity, or personal attacks. Please remember to be considerate of other members. If you are new to the CNET Forums, please read our CNET Forums FAQ. All submitted content is subject to our Terms of Use.
Reporting: Bofra/IFrame Exploits on More Web Sites (updated)
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Comments

CNET Forums

Forum Info