Full Disclosure mailing list archives
RE: Unauthorized access in Web Wiz Forum
From: "Mortis" <m0rtis () adelphia net>
Date: Sun, 9 Nov 2003 05:33:12 -0500
Dearest (suretel.net/sigma.com/your-server.de) administrators, Your mail server is acting as a relay when it gets certain messages from the bugtraq mailing list (bugtraq () securityfocus com). The problem messages are also copied to the full disclosure list in the original To: or Cc:. Your servers are accepting the message from securityfocus. It is intended for one of your customers. You are forwarding the message to full-disclosure () lists netsys com. I am thinking this sort of forwarding could be used for all sorts of fun and naughty things. I have enclosed the headers I get on this end of the journey. I hate to lose another box for sending out my 419 spams, but we all have to sacrifice now and then. Russian hackers are swearing at you. I don't want to see the fallout. BTW, these folks could use a donation: http://www.rosies.org/content/h-donate.htm It's getting cold up north and the bums could use some soup and assorted whatnot. Like a coat or something. Regards, Mortis suretel.net: -------------------- Return-Path: <full-disclosure-admin () lists netsys com> Received: from netsys.com ([199.201.233.10]) by mta4.adelphia.net (InterMail vM.5.01.06.05 201-253-122-130-105-20030824) with ESMTP id <20031106220410.HFJD20580.mta4.adelphia.net () netsys com> for <m0rtis () adelphia net>; Thu, 6 Nov 2003 17:04:10 -0500 Received: from NETSYS.COM (localhost [127.0.0.1]) by netsys.com (8.11.6p2-2003-09-16/8.11.6) with ESMTP id hA6LcDG06524; Thu, 6 Nov 2003 16:38:13 -0500 (EST) Received: from mail.suretel.net (mail1.suretel.net [69.8.3.246]) by netsys.com (8.11.6p2-2003-09-16/8.11.6) with ESMTP id hA6LXI704437 for <full-disclosure () lists netsys com>; Thu, 6 Nov 2003 16:33:20 -0500 (EST) Received: from mail pickup service by mail.suretel.net with Microsoft SMTPSVC; Thu, 6 Nov 2003 15:32:18 -0600 Thread-Index: AcOiLxyBnlhT/21KSXW0Fa3sdHxh5A== Priority: normal Received: from outgoing2.securityfocus.com ([205.206.231.26]) by mail.suretel.local with Microsoft SMTPSVC(5.0.2195.5329); Mon, 3 Nov 2003 11:22:51 -0600 Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20]) by outgoing2.securityfocus.com (Postfix) with QMQP id 2D05D8F877; Mon, 3 Nov 2003 03:29:08 -0700 (MST) Mailing-List: contact bugtraq-help () securityfocus com; run by ezmlm Content-Class: urn:content-classes:message Importance: normal Precedence: bulk Delivered-To: mailing list bugtraq () securityfocus com Delivered-To: moderator for bugtraq () securityfocus com Received: (qmail 16398 invoked from network); 2 Nov 2003 03:41:22 -0000 Message-ID: <020a01c3a126$9b91aaf0$0bd3bdd5@pigkiller> From: "Alexander Antipov" <pk95 () yandex ru> To: <full-disclosure () lists netsys com>, <bugtraq () securityfocus com> Cc: <info () webwizguide info> MIME-Version: 1.0 Content-Type: text/plain; charset="koi8-r" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1193 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 X-OriginalArrivalTime: 03 Nov 2003 17:22:51.0960 (UTC) FILETIME=[1C5E2380:01C3A22F] Subject: [Full-disclosure] Unauthorized access in Web Wiz Forum Sender: full-disclosure-admin () lists netsys com Errors-To: full-disclosure-admin () lists netsys com X-BeenThere: full-disclosure () lists netsys com X-Mailman-Version: 2.0.12 List-Unsubscribe: <http://lists.netsys.com/mailman/listinfo/full-disclosure>, <mailto:full-disclosure-request () lists netsys com?subject=uns ubscribe> List-Id: Discussion of security issues <full-disclosure.lists.netsys.com> List-Post: <mailto:full-disclosure () lists netsys com> List-Help: <mailto:full-disclosure-request () lists netsys com?subject=hel p> List-Subscribe: <http://lists.netsys.com/mailman/listinfo/full-disclosure>, <mailto:full-disclosure-request () lists netsys com?subject=sub scribe> List-Archive: <http://lists.netsys.com/pipermail/full-disclosure/> Date: Sun, 2 Nov 2003 12:49:25 +0300 sigma.com: ------------------------ Return-Path: <full-disclosure-admin () lists netsys com> Received: from netsys.com ([199.201.233.10]) by mta10.adelphia.net (InterMail vM.5.01.06.05 201-253-122-130-105-20030824) with ESMTP id <20031105113028.HRNG16939.mta10.adelphia.net () netsys com> for <m0rtis () adelphia net>; Wed, 5 Nov 2003 06:30:28 -0500 Received: from NETSYS.COM (localhost [127.0.0.1]) by netsys.com (8.11.6p2-2003-09-16/8.11.6) with ESMTP id hA5ARBG06371; Wed, 5 Nov 2003 05:27:11 -0500 (EST) Received: from gw.simga.com (62-231-67-45.rdsnet.ro [62.231.67.45] (may be forged)) by netsys.com (8.11.6p2-2003-09-16/8.11.6) with ESMTP id hA5APD705805 for <full-disclosure () lists netsys com>; Wed, 5 Nov 2003 05:25:13 -0500 (EST) Received: from localhost (localhost [127.0.0.1]) by gw.simga.com (Postfix) with ESMTP id D0DAC15947; Wed, 5 Nov 2003 13:17:40 +0200 (EET) Received: by gw.simga.com (Postfix, from userid 0) id 59A256DA4; Wed, 5 Nov 2003 13:17:39 +0200 (EET) Received: from outgoing2.securityfocus.com (outgoing2.securityfocus.com [205.206.231.26]) by gw.simga.com (Postfix) with ESMTP id 0E05615CC5 for <vladg () simga com>; Tue, 4 Nov 2003 19:23:05 +0200 (EET) Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20]) by outgoing2.securityfocus.com (Postfix) with QMQP id 2D05D8F877; Mon, 3 Nov 2003 03:29:08 -0700 (MST) Mailing-List: contact bugtraq-help () securityfocus com; run by ezmlm Precedence: bulk Delivered-To: mailing list bugtraq () securityfocus com Delivered-To: moderator for bugtraq () securityfocus com Received: (qmail 16398 invoked from network); 2 Nov 2003 03:41:22 -0000 Message-ID: <020a01c3a126$9b91aaf0$0bd3bdd5@pigkiller> From: "Alexander Antipov" <pk95 () yandex ru> To: <full-disclosure () lists netsys com>, <bugtraq () securityfocus com> Cc: <info () webwizguide info> MIME-Version: 1.0 Content-Type: text/plain; charset="koi8-r" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1193 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1193 X-Virus-Scanned: by AMaViS 0.3.12pre8 Subject: [Full-disclosure] Unauthorized access in Web Wiz Forum Sender: full-disclosure-admin () lists netsys com Errors-To: full-disclosure-admin () lists netsys com X-BeenThere: full-disclosure () lists netsys com X-Mailman-Version: 2.0.12 List-Unsubscribe: <http://lists.netsys.com/mailman/listinfo/full-disclosure>, <mailto:full-disclosure-request () lists netsys com?subject=uns ubscribe> List-Id: Discussion of security issues <full-disclosure.lists.netsys.com> List-Post: <mailto:full-disclosure () lists netsys com> List-Help: <mailto:full-disclosure-request () lists netsys com?subject=hel p> List-Subscribe: <http://lists.netsys.com/mailman/listinfo/full-disclosure>, <mailto:full-disclosure-request () lists netsys com?subject=sub scribe> List-Archive: <http://lists.netsys.com/pipermail/full-disclosure/> Date: Sun, 2 Nov 2003 12:49:25 +0300 your-server.de: ------------------------------------ Return-Path: <full-disclosure-admin () lists netsys com> Received: from netsys.com ([199.201.233.10]) by mta1.adelphia.net (InterMail vM.5.01.06.05 201-253-122-130-105-20030824) with ESMTP id <20031103180117.QJID26264.mta1.adelphia.net () netsys com> for <m0rtis () adelphia net>; Mon, 3 Nov 2003 13:01:17 -0500 Received: from NETSYS.COM (localhost [127.0.0.1]) by netsys.com (8.11.6p2-2003-09-16/8.11.6) with ESMTP id hA3GwCG22028; Mon, 3 Nov 2003 11:58:12 -0500 (EST) Received: from www3.your-server.de (www3.your-server.de [213.133.104.3]) by netsys.com (8.11.6p2-2003-09-16/8.11.6) with SMTP id hA3Guq721461 for <full-disclosure () lists netsys com>; Mon, 3 Nov 2003 11:56:54 -0500 (EST) Received: (qmail 2102 invoked by uid 0); 3 Nov 2003 16:56:52 -0000 Received: from pk95 () yandex ru by www3.your-server.de by uid 502 with qmail-scanner-1.15 (vexira: 6.22.0.1/6.22.0.24. Clear:. Processed in 0.583508 secs); 03 Nov 2003 16:56:52 -0000 X-Qmail-Scanner-Mail-From: pk95 () yandex ru via www3.your-server.de X-Qmail-Scanner: 1.15 (Clear:. Processed in 0.583508 secs) Received: from pd9e8dc06.dip.t-dialin.net (HELO europa.DSHSTATISTIK.DE) (217.232.220.6) by www3.your-server.de with SMTP; 3 Nov 2003 16:56:51 -0000 Received: from europa.DSHSTATISTIK.DE ([192.168.0.30]) by europa.DSHSTATISTIK.DE with Microsoft SMTPSVC(5.0.2195.5329); Mon, 3 Nov 2003 18:00:52 +0100 Received: by europa.DSHSTATISTIK.DE (Microsoft Connector for POP3 Mailboxes 5.00.2195) with SMTP (Global POP3 Download) id MSG11032003-180049-472.MMD () DSHSTATISTIK DE; Mon, 3 Nov 2003 18:00:49 +0100 Delivered-To: dshstat-webmaster () dsh-statistik de Received: (qmail 28108 invoked by uid 910); 3 Nov 2003 16:43:24 -0000 Delivered-To: dshstat-johannes.klein () dsh-statistik de Received: (qmail 28103 invoked by uid 0); 3 Nov 2003 16:43:24 -0000 Received: from bugtraq-return-11681-johannes.klein=dsh-statistik.de@securit yfocus.com by www3.your-server.de by uid 502 with qmail-scanner-1.15 (vexira: 6.22.0.1/6.22.0.24. Clear:. Processed in 0.581339 secs); 03 Nov 2003 16:43:24 -0000 X-Qmail-Scanner-Mail-From: bugtraq-return-11681-johannes.klein=dsh-statistik.de@securit yfocus.com via www3.your-server.de X-Qmail-Scanner: 1.15 (Clear:. Processed in 0.581339 secs) Received: from outgoing2.securityfocus.com (205.206.231.26) by www3.your-server.de with SMTP; 3 Nov 2003 16:43:24 -0000 Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20]) by outgoing2.securityfocus.com (Postfix) with QMQP id 2D05D8F877; Mon, 3 Nov 2003 03:29:08 -0700 (MST) Mailing-List: contact bugtraq-help () securityfocus com; run by ezmlm Precedence: bulk Delivered-To: mailing list bugtraq () securityfocus com Delivered-To: moderator for bugtraq () securityfocus com Received: (qmail 16398 invoked from network); 2 Nov 2003 03:41:22 -0000 Message-ID: <020a01c3a126$9b91aaf0$0bd3bdd5@pigkiller> From: "Alexander Antipov" <pk95 () yandex ru> To: <full-disclosure () lists netsys com>, <bugtraq () securityfocus com> Cc: <info () webwizguide info> MIME-Version: 1.0 Content-Type: text/plain; charset="koi8-r" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1193 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1193 X-OriginalArrivalTime: 03 Nov 2003 17:00:52.0500 (UTC) FILETIME=[09E88540:01C3A22C] Subject: [Full-disclosure] Unauthorized access in Web Wiz Forum Sender: full-disclosure-admin () lists netsys com Errors-To: full-disclosure-admin () lists netsys com X-BeenThere: full-disclosure () lists netsys com X-Mailman-Version: 2.0.12 List-Unsubscribe: <http://lists.netsys.com/mailman/listinfo/full-disclosure>, <mailto:full-disclosure-request () lists netsys com?subject=uns ubscribe> List-Id: Discussion of security issues <full-disclosure.lists.netsys.com> List-Post: <mailto:full-disclosure () lists netsys com> List-Help: <mailto:full-disclosure-request () lists netsys com?subject=hel p> List-Subscribe: <http://lists.netsys.com/mailman/listinfo/full-disclosure>, <mailto:full-disclosure-request () lists netsys com?subject=sub scribe> List-Archive: <http://lists.netsys.com/pipermail/full-disclosure/> Date: Sun, 2 Nov 2003 12:49:25 +0300 A proper copy from the list. You probably got it this way, too, before you remailed it: ---------------------------- Return-Path: <full-disclosure-admin () lists netsys com> Received: from netsys.com ([199.201.233.10]) by mta11.adelphia.net (InterMail vM.5.01.06.05 201-253-122-130-105-20030824) with ESMTP id <20031102102538.IITS24277.mta11.adelphia.net () netsys com> for <m0rtis () adelphia net>; Sun, 2 Nov 2003 05:25:38 -0500 Received: from NETSYS.COM (localhost [127.0.0.1]) by netsys.com (8.11.6p2-2003-09-16/8.11.6) with ESMTP id hA29o1G14743; Sun, 2 Nov 2003 04:50:01 -0500 (EST) Received: from bingo.new.yandex.ru (bingo.new.yandex.ru [213.180.200.1]) by netsys.com (8.11.6p2-2003-09-16/8.11.6) with ESMTP id hA29m4714264 for <full-disclosure () lists netsys com>; Sun, 2 Nov 2003 04:48:05 -0500 (EST) Received: from algo6.fix.aha.ru ([213.189.211.11]:39950 "EHLO pigkiller" smtp-auth: "pk95" TLS-CIPHER: <none> TLS-PEER-CN1: <none>) by mail.yandex.ru with ESMTP id <S687884AbTKBJrx>; Sun, 2 Nov 2003 12:47:53 +0300 Message-ID: <020a01c3a126$9b91aaf0$0bd3bdd5@pigkiller> From: "Alexander Antipov" <pk95 () yandex ru> To: <full-disclosure () lists netsys com>, <bugtraq () securityfocus com> Cc: <info () webwizguide info> MIME-Version: 1.0 Content-Type: text/plain; charset="koi8-r" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1193 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1193 Subject: [Full-disclosure] Unauthorized access in Web Wiz Forum Sender: full-disclosure-admin () lists netsys com Errors-To: full-disclosure-admin () lists netsys com X-BeenThere: full-disclosure () lists netsys com X-Mailman-Version: 2.0.12 Precedence: bulk List-Unsubscribe: <http://lists.netsys.com/mailman/listinfo/full-disclosure>, <mailto:full-disclosure-request () lists netsys com?subject=uns ubscribe> List-Id: Discussion of security issues <full-disclosure.lists.netsys.com> List-Post: <mailto:full-disclosure () lists netsys com> List-Help: <mailto:full-disclosure-request () lists netsys com?subject=hel p> List-Subscribe: <http://lists.netsys.com/mailman/listinfo/full-disclosure>, <mailto:full-disclosure-request () lists netsys com?subject=sub scribe> List-Archive: <http://lists.netsys.com/pipermail/full-disclosure/> Date: Sun, 2 Nov 2003 12:49:25 +0300
-----Original Message----- From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com]On Behalf Of Alexander Antipov What's shit? I did not send this message again!
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Unauthorized access in Web Wiz Forum Alexander Antipov (Nov 02)
- Re: Unauthorized access in Web Wiz Forum Alexander Antipov (Nov 06)
- Re: Unauthorized access in Web Wiz Forum KF (Nov 07)
- Re: Unauthorized access in Web Wiz Forum Valdis . Kletnieks (Nov 07)
- RE: Unauthorized access in Web Wiz Forum Mortis (Nov 09)
- Re: Unauthorized access in Web Wiz Forum KF (Nov 07)
- Re: Unauthorized access in Web Wiz Forum Alexander Antipov (Nov 06)