cachemgr.cgi

[Max Vision <vision () whitehats com>]

All,

I am under an *enormous* amount of pressure right now and I don't want to
blow up over some stupid flame...  so I'll keep it really short.

A user posted a question about a couple of exploits:
http://whitehats.com/cgi/forum/messages.cgi?bbs=get_topic&f=2&t=000040

I asked for clarification... then went and searched for information about
the Squid cachemgr.cgi vulnerability, and then ran the query/attack and
grabbed the packet, then wrote up the signature.

I posted it to the forum.  No big deal.

Take care,
Max

---------- Forwarded message ----------
Date: Mon, 25 Jun 2001 11:19:40 -0700 (PDT)
From: feedback <info () whitehats com>
To: vision () whitehats com
Subject: ** Whitehats FEEDBACK **

comments: I would like to thank you for not giving credit where
credit is due.  Since credit is such an important thing
to arachNIDS, I feel it is important to relay the signatures
that I have written for snort in informed manor.

If you check the snort CVS logs, I added the latest
cachemgr.cgi signature on 2001/05/20.

While this signature was not complicated, I still added it over
a month before arachNIDS.

Since Max felt justified in bitching about my stealing credit
(which I never done) I feel it is important to bring this up.

IP Info: 129.83.19.1
Via:  by http://webproxy1.mitre.org:80 (Netscape-Proxy/3.52)
Referer: http://www.whitehats.com/contact.html


_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users