One of our new products being developed at Comodo is called “HackerGuardian”

This is a vulnerability scanner based on the Nessus Engine, the product is still in late beta status, but already somebody found a way to use it in malicious ways 🙂

Technorati Tags: Comodo, HackerGuardian, Hacker

The original document is here .. it was found and reported by thedumbterminal.co.uk

Hacker Guardian arbitrary host scanning – Overview

Comodo Hacker Guardian provides internet security scanning with a front page that quotes:

“It provides for daily audits to run on one IP address and an unspoofable TrustLogo you can place on your web site indicating you are safe from hackers.”

They offer a free scan so visitors can test their own server. The FAQ states:

“HackerGuardian Free Scan – available to website owners, network operators and home users free of charge. Registering for the service enables users to run a HackerGuardian vulnerability audit on a single IP to identify potential security threats. The Free service is limited to 3 scans per license on a single IP and is non user customizable.”

Unfortunately you can scan any host you choose and register for more than 3 scans, see below for details.

Hacker Guardian arbitrary host scanning – Timeline

Date found 06/03/2006
Date reported to vendor 16/03/2006
Date reported to public
Date fixed
Credit MacGyveR

Hacker Guardian arbitrary host scanning – Screenshots

The screen below shows that you can signup for more than 3 free scans:

This is the screen you see when you start scanning, your own IP address is in a “read only” text box:

Using Firefox’s Web Developer extension, you can change the IP address in the text box to anything you want:

Ouch :p

The problem is obvious, on free scans the code needs to make sure the IP you are scanning is the same that just got reported to you as beeign your own.