Hosting Provided By

RE: /sumthin Revisited

From: Jonathan A. Zdziarski <jonathan(at)networkdweebs.com>
Date: Tue Jan 07 2003 - 17:25:44 EST

Well whatever it is, it is obviously only interested in the web server itself and not individual websites; this is evident by the HTTP/1.0 header, which will always reference the default documents on the system, and not a virtual host.

I've been grepping through some scanners lately and haven't been able to find 'sumthin' in any of them; so far checked nmap, webvulnscan, nikto, and a few others. The HTTP/1.0 tells me though that this tool is designed to do what everyone has already come to for a conclusion; check server version/module inforamtion.

> -----Original Message-----
> From: Sverre H. Huseby [mailto:shh@thathost.com]
> Sent: Tuesday, January 07, 2003 4:32 PM
> To: Chris Norris
> Cc: incidents@securityfocus.com; Noam Eppel
> Subject: Re: /sumthin Revisited
>
>
> [Chris Norris]

This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com Received on Tue Jan 7 18:29:18 2003

This message: [ Message body ]
Next message: Jonathan A. Zdziarski: "RE: /sumthin Revisited"
Previous message: Sverre H. Huseby: "Re: /sumthin Revisited"
In reply to Sverre H. Huseby: "Re: /sumthin Revisited"
Next in thread: Jonathan A. Zdziarski: "RE: /sumthin Revisited"
Reply: Jonathan A. Zdziarski: "RE: /sumthin Revisited"
Reply: Rob Keown: "RE: /sumthin Revisited"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:01:55 EDT