WebApp Sec mailing list archives

Previous By Date Next
Previous By Thread Next

webcalendar and cacti

From: Mark Ryan del Moral Talabis <talabis () gmail com>
Date: Tue, 29 Nov 2005 11:48:23 +0800
We picked up another "combination" attack. It's directed towards
Webcalendar and Cacti. It uses the old remote file inclusion
vulnerabilities of both applications reported some time back. The
attack is pretty harmless though. It just runs this script:

http://www.geocities.com/trustopt/t.txt

which contains:

<html>
<head>
<title>Vulner4bl3</title>
<? echo "VulnerabLe" ?>

For the full report and packet payloads, please go to:
http://www.philippinehoneynet.org/

Cheers!
Ryan Talabis
Philippine Honeynet Project
http://www.philippinehoneynet.org
Previous By Date Next
Previous By Thread Next

Current thread: