Hosting Provided By

Re: [security-elvandar] "access_log?hello" ?

From: Remko Lodder <remko(at)elvandar.org>
Date: Sun Jul 27 2003 - 18:19:28 EDT

Hi,

It could be an overflow attack to the access_log script which he/she believes exists.
With that he might get access to some logging OR access to the webserver (executing commands as
the webserver user) how he/she is going to do that, i don' know, but it's an option (:

Also notice that it's a HEAD request instead of the normal GET/POST requests..
perhaps that can give some more detail?
Going to try and find something tommorrow (it's past twelve here) but have a busy schedule
so dont promise anything

Cheers

--

Kind regards,

Remko Lodder
Elvandar.org/DSINet.org
www.mostly-harmless.nl Dutch community for helping newcomers on the hackerscene


Salvatore Poliandro wrote:

>-- OM--






---------------------------------------------------------------------------
----------------------------------------------------------------------------

Received on Mon Jul 28 13:34:53 2003

This message: [ Message body ]
Next message: Harlan Carvey: "Re: Is this enough to identify this by?"
Previous message: sa7ori: "Re: www.google.com reference in directory-traversal attack"
In reply to Salvatore Poliandro: "Re: [security-elvandar] "access_log?hello" ?"
Next in thread: Shafik Yaghmour: "Re: "access_log?hello" ?"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:02:13 EDT