| To: | bugtraq@securityfocus.com |
|---|---|
| Subject: | Re: Atsphp 5.0.1 [Top Sites] [index.php] - Remote File Include |
| From: | Casey Marshall <rsdio@metastatic.org> |
| Date: | Tue, 30 Jan 2007 16:33:01 -0800 |
| Delivered-to: | sp-com-lists@consult.net |
| Delivered-to: | bugtraq-list@securepoint.com |
| Delivered-to: | mailing list bugtraq@securityfocus.com |
| Delivered-to: | moderator for bugtraq@securityfocus.com |
| In-reply-to: | <20070130113031.3446.qmail@securityfocus.com> |
| List-help: | <mailto:bugtraq-help@securityfocus.com> |
| List-id: | <bugtraq.list-id.securityfocus.com> |
| List-post: | <mailto:bugtraq@securityfocus.com> |
| List-subscribe: | <mailto:bugtraq-subscribe@securityfocus.com> |
| List-unsubscribe: | <mailto:bugtraq-unsubscribe@securityfocus.com> |
| Mailing-list: | contact bugtraq-help@securityfocus.com; run by ezmlm |
| References: | <20070130113031.3446.qmail@securityfocus.com> |
On Jan 30, 2007, at 3:30 AM, trzindan@hotmail.fr wrote: <snip non-exploit>You know, I'm personally starting to wonder if these bogus "vulnerabilities" are really just some low-bandwidth communication. Given the "greetz" and "shoutout" crap that follows each posting, which could be a little encoded message. Then just grep PHP code for 'include' or 'require_once', and send. You aren't plotting terrah with fake PHP 'sploits, are ya? |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | [ECHO_ADV_63$2007] Cadre remote file inclusion, y3dips |
|---|---|
| Next by Date: | Re: Defeating CAPTCHAs via Averaging, Fred Leeflang |
| Previous by Thread: | Re: BOGUS: Atsphp 5.0.1 [Top Sites] [index.php] - Remote File Include, Mailinglists Address |
| Next by Thread: | [ MDKSA-2007:030 ] - Updated bind packages fix DoS vulnerabilities, security |
| Indexes: | [Date] [Thread] [Top] [All Lists] |