[Owasp_wasc_web_hacking_incidents_database_project] WHID 2014-147: BrowserStack Hacked via Shellshock

Web Hacking Incident Database (WHID) owaspwhid at owasp.org
Fri Nov 14 19:57:55 UTC 2014

(Incident Description): The cross-browser testing service BrowserStack was recently breached by an attacker who leveraged his access to send an email to users claiming that the service was shutting down.

(Attack Method): OS Commanding

(Application Weakness): Improper Input Handling

(Outcome): Leakage of Information

(Reference) : http://www.esecurityplanet.com/network-security/browserstack-hacked-via-shellshock.html

More information about the Owasp_wasc_web_hacking_incidents_database_project mailing list