[VIM] US national vulnerability database hacked (fwd)

security curmudgeon jericho at attrition.org
Wed Mar 13 21:11:20 CDT 2013

Guess this explains the outage.

---------- Forwarded message ----------
From: Richard Forno <rforno at infowarrior.org>

US national vulnerability database hacked


By Jack Clark in San Francisco ? Get more from this author

Posted in Security, 14th March 2013 01:17 GMT

The US government's online catalog of cyber-vulnerabilities has been taken 
offline ? ironically, due to a software vulnerability.

The National Institute of Standards and Technology's National 
Vulnerability Database's (NVD) public-facing website and other services 
have been offline since Friday due to a malware infection on two web 
servers, it emerged on Wednesday.

The Register received an anonymous tip-off about the infection on 
Wednesday afternoon, which led us to a Google+ post containing information 
from NIST.

"On Friday March 8, a NIST firewall detected suspicious activity and took 
steps to block unusual traffic from reaching the Internet," Gail Porter of 
NIST's public inquiries office told a concerned chief security officer in 
an email, according to the post.

"NIST began investigating the cause of the unusual activity and the 
servers were taken offline. Malware was discovered on two NIST Web servers 
and was then traced to a software vulnerability."

There is no evidence that NIST web pages were used to serve malware, 
Porter wrote, and the organization is "continuing to respond to the 

So far, NIST is doing everything by the literal book, as section 4.3.4 of 
its own Guide to Malware Incident Prevention and Handling (PDF) says that 
if you do get infected by malware, "containing incidents by placing 
temporary restrictions on network connectivity can be very effective".


More information about the VIM mailing list