Author: Mikhail Doroshevich
01/02/2008
Experts from the Belsec company have recently conducted a survey of the security level of websites in the .by domain. Belsec automatically scanned nodes and manually analyzed a random selection of 100 sites (a "site:by" Google query).
42% of the analyzed websites were found to be vulnerable.
Cross-Site Scripting (XSS) accounts for 52% of all detected vulnerabilities. Information Leakage takes second place with 27%, followed by SQL Injection with 16% of detected vulnerabilities.
Other types of vulnerabilities (5%) include Predictable Resource Location, Command Execution, Brute Force, Insufficient Authentication, and Directory Indexing.
Thus critical vulnerabilities make up 21% of the total, while medium- and low-risk vulnerabilities account for 38% and 41% of the total respectively.
Belsec experts stress the lack of awareness of the economic effect of corporate website security.
E-Belarus.ORG, 2001-2011
This work is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 3.0 License