Hosting Provided By

RE: A small quandary

From: Bojan Zdrnja <Bojan.Zdrnja(at)FER.hr>
Date: Mon Dec 09 2002 - 06:02:48 EST

Exactly my words :)

> > /scripts..%c1%9c../winnt/system32/cmd.exe?/c+dir+c:

Only second scan isn't IIS vulnerability - it's mrtg cgi script vulnerability which allows attacker to display arbitrary files. For more info check: http://online.securityfocus.com/bid/4017/info/. It's typical input validation error.

Best regards,

Bojan Zdrnja

This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com Received on Tue Dec 10 00:54:34 2002

This message: [ Message body ]
Next message: jlewis(at)lewis.org: "Re: EBay Fraud Attempt"
Previous message: jlewis(at)lewis.org: "Re: Spam via proxy"
In reply to H C: "Re: A small quandary"
Next in thread: Mike Katz: "Re: A small quandary"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:01:54 EDT

Do you need help?