[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] Bug-Travel 0wnS y0u ::: Irc.Brasnet.Org #BugTravel
- Subject: Re: [cobalt-users] Bug-Travel 0wnS y0u ::: Irc.Brasnet.Org #BugTravel
- From: "E.B. Dreger" <eddy+public+spam@xxxxxxxxxxxxxxxxx>
- Date: Mon Mar 3 18:23:02 2003
- List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>
T> Date: Mon, 3 Mar 2003 18:11:33 -0800
T> From: Tim
T> I got hit by:
T>
T> "Bug-Travel 0wnS y0u ::: Irc.Brasnet.Org #BugTravel"
T>
T> The exploit rewrote every html file on my Raq4i. On 80
T> different sites.
T>
T> Anyone got any ideas on how to stop this exploit??
Assuming turvill.com is the server in question:
Trying 65.172.200.62...
Connected to turvill.com.
Escape character is '^]'.
HTTP/1.1 302 Found
Date: Tue, 04 Mar 2003 02:21:01 GMT
Server: Apache/1.3.20 Sun Cobalt (Unix) mod_ssl/2.8.4 OpenSSL/0.9.6b PHP/4.1.2 mod_auth_pam_external/0.1 FrontPage/4.0.4.3 mod_perl/1.25
Location: http://www.turvill.com/
Connection: close
Content-Type: text/html; charset=iso-8859-1
I suggest upgrading Apache (if it isn't patched 1.3.20), mod_ssl,
and OpenSSL for starters.
Eddy
--
Brotsman & Dreger, Inc. - EverQuick Internet Division
Bandwidth, consulting, e-commerce, hosting, and network building
Phone: +1 (785) 865-5885 Lawrence and [inter]national
Phone: +1 (316) 794-8922 Wichita
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Date: Mon, 21 May 2001 11:23:58 +0000 (GMT)
From: A Trap <blacklist@xxxxxxxxx>
To: blacklist@xxxxxxxxx
Subject: Please ignore this portion of my mail signature.
These last few lines are a trap for address-harvesting spambots.
Do NOT send mail to <blacklist@xxxxxxxxx>, or you are likely to
be blocked.