WebApp Sec mailing list archives
webcalendar and cacti
From: Mark Ryan del Moral Talabis <talabis () gmail com>
Date: Tue, 29 Nov 2005 11:48:23 +0800
We picked up another "combination" attack. It's directed towards Webcalendar and Cacti. It uses the old remote file inclusion vulnerabilities of both applications reported some time back. The attack is pretty harmless though. It just runs this script: http://www.geocities.com/trustopt/t.txt which contains: <html> <head> <title>Vulner4bl3</title> <? echo "VulnerabLe" ?> For the full report and packet payloads, please go to: http://www.philippinehoneynet.org/ Cheers! Ryan Talabis Philippine Honeynet Project http://www.philippinehoneynet.org
Current thread:
- webcalendar and cacti Mark Ryan del Moral Talabis (Nov 29)