[Full-disclosure] Attempted exploits against phpAlbum (common with Joomla, etc.)

2011-12-19 Thread Lamar Spells
I pointed out a while back some activity I have been seeing related to awstats scanners (see http://seclists.org/fulldisclosure/2011/Dec/372), but now that activity has morphed a bit to include attempts to leverage some vulnerabilities previously reported in the phpAlbum project. Specifically, I

Re: [Full-disclosure] New awstats.pl vulnerability?

2011-12-16 Thread Lamar Spells
/2011/12/importance-of-patching.html On Tue, Dec 13, 2011 at 7:51 AM, Lamar Spells lamar.spe...@gmail.com wrote: Today we are also seeing requests like this one which is looking to exploit CVE-2008-3922: GET /awstatstotals/awstatstotals.php ? sort={${passthru(chr(105).chr(100))}}{${exit

Re: [Full-disclosure] New awstats.pl vulnerability?

2011-12-13 Thread Lamar Spells
Same here, I even tried to notify a bunch of the ISP registrators of the IP address range those originated from. -Nik On 12/13/2011 07:30 AM, Bruce Ediger wrote: On Mon, 12 Dec 2011, Lamar Spells wrote: For the past several days, I have been seeing thousands of requests

Re: [Full-disclosure] FB privacy breach - view PRIVATE Facebook photos

2011-12-07 Thread Lamar Spells
Is it possible that FB fixed that quickly? It worked for me at about 10:00 AM Eastern this morning. Sent from my iPhone 4 On Dec 6, 2011, at 10:36 AM, darway yohansen darway.lev...@gmail.com wrote: I just tested this and I don't get the same options as in step 5 Help us take action by

Re: [Full-disclosure] FB privacy breach - view PRIVATE Facebook photos

2011-12-06 Thread Lamar Spells
I can confirm that this works. Ugh! Sent from my iPhone 4 On Dec 6, 2011, at 9:41 AM, Peter Dawson slash...@gmail.com wrote: Has this been ACK'ed by anyone else ?? Seems that FB's Report in/Block process breaks their own privacy stds !

Re: [Full-disclosure] THC SSL DOS tool released

2011-10-25 Thread Lamar Spells
If you want to check a site versus actually bringing it down if it is vulnerable, you can use the modified version of the THC utility that I pasted here: http://pastebin.com/bKLue33X