[Dshield] Webcal Exploit?
frank at knobbe.us
Tue Feb 7 15:49:59 GMT 2006
On Tue, 2006-02-07 at 06:51 -0500, George A. Theall wrote:
> As I'm sure you're aware, this rule is a general one for PHP code
> injection, not a check for this specific vulnerability.
Yup, noticed that when looking up the BID which is specific to WebCal.
Thus we didn't add the BID reference to the rule. It will detect such
exploit attempts though (and a gazillion more... the amount of web apps
vulnerable to php inclusion is rather high).
It is said that the Internet is a public utility. As such, it is best
compared to a sewer. A big, fat pipe with a bunch of crap sloshing
against your ports.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 187 bytes
Desc: This is a digitally signed message part
Url : http://www.dshield.org/pipermail/list/attachments/20060207/c4179ba4/attachment.bin
More information about the list