[Dshield] Webcal Exploit?

George A. Theall theall at tifaware.com
Mon Feb 6 12:16:06 GMT 2006

On Sun, Feb 05, 2006 at 01:06:02PM -0500, David Cary Hart wrote:

> Watching the apache logs, I am seeing clients looking for webcal. That usually
> suggests that the nitwits have found a new php injection scheme.

I'm not aware of anything recent.  Do you have any log sample to share?

There were some XSS flaws in Webcal announced last December (Bugtraq ID
15917), but this was not code injection. 

Is it possible they're targetting webcalendar rather than webcal? There
was a remote file include flaw in its 'send_reminders.php' script
announced last August (Bugtraq ID 14651). 

theall at tifaware.com

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://www.dshield.org/pipermail/list/attachments/20060206/e1a06405/attachment.bin

More information about the list mailing list