--- Brady McClenon <[EMAIL PROTECTED]> wrote:
> And, is the server hosting the forum
> truly infected/compromised?
well, at least it's untrustworthy through no fault of it's own. If I
wanted to 'own' a lot of boxes I would indeed put a bad WMF/JPG up as
my avatar. Nobody would even think that they had a problem.
> It
> only indexes what is ALREADY on your hard drive. How did it get
> there to begin with?!?
How about wget running on a DOS box?
> Obviously the user interacted with it at some point in
> the past in order to put it there.
er, see above.
I guess my earlier response didn't go to the list. The WMF exploit is
another nifty way to own a box after exploiting another configuration
problem. My webservers have logs in them with people trying to use PHP
bugs to download malicious WMF TO my webserver and execute them there
and thus try to own my webserver. Doesn't work too hot when the OS is
Linux, buy hey.
__________________________________________
Yahoo! DSL Something to write home about.
Just $16.99/mo. or less.
dsl.yahoo.com
---------------------------------------------------------------------------
---------------------------------------------------------------------------
