Bugtraq mailing list archives
Website Pro v2.0 (NT) Configuration Issues
From: xian () IDSOFTWARE COM (Christian Antkow)
Date: Tue, 16 Feb 1999 17:45:09 -0600
As some of you might be aware, our website (www.idsoftware.com) was hacked this morning using the "out-of-the-box" features of Website Pro 2.0. The perpetrator used /cgi-dos/args.bat as well as /cgi-win/uploader.exe to upload new files and overwrite our index.html file with a "Free Kevin" webpage (identical to the opening page of www.2600.com). Any admins out there running Website Pro for NT might want to double check your security settings, and possibly remove these demo files if you don't have an explicit need for them to exist. Cheers, -Xian
Current thread:
- OT: Copyright on Security advisories, (continued)
- OT: Copyright on Security advisories Aviram Jenik (Feb 18)
- Re: OT: Copyright on Security advisories Doug Granzow (Feb 19)
- Re: mSQL vulnerability. John W. Temples (Feb 18)
- Debian GNU/Linux 2.0r5 released (fwd) Jamie Fifield (Feb 17)
- Regarding passwords in registry keys. Ash (Feb 19)
- Re: [proftpd-l] root compromise ? (fwd) Nic Bellamy (Feb 14)
- ICQ99 crash loser (Feb 14)
- Re: ICQ99 crash Eric J. Stevens (Feb 15)
- Re: ICQ99 crash Joe Stewart (Feb 16)
- Re: ICQ99 crash Timothy Doane (Feb 16)
- Website Pro v2.0 (NT) Configuration Issues Christian Antkow (Feb 16)
- [HERT] Advisory #002 Buffer overflow in lsof Anthony C . Zboralski (Feb 17)
- [SECURITY] New versions of super fixes two buffer overflows joey () FINLANDIA INFODROM NORTH DE (Feb 18)
- Re: [HERT] Advisory #002 Buffer overflow in lsof Vic Abell (Feb 18)
- Tetrix 1.13.16 is Vulnerable Steven Hodges (Feb 17)
- Re: Tetrix 1.13.16 is Vulnerable Pavel Machek (Feb 19)
- ADMsnmp SNMP Audit scanner root (Feb 17)
- Re: [HERT] Advisory #002 Buffer overflow in lsof Gene Spafford (Feb 18)
- Re: [HERT] Advisory #002 Buffer overflow in lsof Theo de Raadt (Feb 18)
- Re: [HERT] Advisory #002 Buffer overflow in lsof Gene Spafford (Feb 18)
- IE0199.exe uninstaller David Brumley (Feb 19)