[Dshield] OpenWebMail Vulnerabilities?

Jon R. Kibler Jon.Kibler at aset.com
Wed Mar 23 18:36:50 GMT 2005

Greetings all,

Over the past couple of days we have seen innumerable log entries searching for openwebmail.pl, such as below:
> (HOSTNAME DELETED) - - [23/Mar/2005:11:17:47 -0500] "GET /cgi-bin/openwebmail/openwebmail.pl HTTP/1.0" 404 228

Is there some new vulnerability here? Google gives a bunch of links to a 2002/12 problem with v1.71, but does not show anything newer. BTW, most (all?) of the scans appear to originate from Asia.

Jon Kibler
Jon R. Kibler
Chief Technical Officer
A.S.E.T., Inc.
Charleston, SC  USA
(843) 849-8214

Filtered by: TRUSTEM.COM's Email Filtering Service
No Spam. No Viruses. Just Good Clean Email.

More information about the list mailing list