[Dshield] OpenWebMail Vulnerabilities?

Jon R. Kibler Jon.Kibler at aset.com
Wed Mar 23 18:36:50 GMT 2005


Greetings all,

Over the past couple of days we have seen innumerable log entries searching for openwebmail.pl, such as below:
> (HOSTNAME DELETED) - - [23/Mar/2005:11:17:47 -0500] "GET /cgi-bin/openwebmail/openwebmail.pl HTTP/1.0" 404 228

Is there some new vulnerability here? Google gives a bunch of links to a 2002/12 problem with v1.71, but does not show anything newer. BTW, most (all?) of the scans appear to originate from Asia.

Jon Kibler
-- 
Jon R. Kibler
Chief Technical Officer
A.S.E.T., Inc.
Charleston, SC  USA
(843) 849-8214




==================================================
Filtered by: TRUSTEM.COM's Email Filtering Service
http://www.trustem.com/
No Spam. No Viruses. Just Good Clean Email.



More information about the list mailing list