[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] Hacker Goes On Defacement Spree In Australia

Subject: Re: [cobalt-security] Hacker Goes On Defacement Spree In Australia
From: enrique <enriquevega@xxxxxxx>
Date: Fri, 7 Sep 2001 01:31:06 -0400
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

I found how to fix the security hole in bbs_forum.cgi :-) The answer isat:

http://www.extropia.com/hacks/security/bbs_security.html

enrique

On Thursday, September 6, 2001, at 11:00 PM, enrique wrote:

Just thought I would let you all know that I found the hacker/s thatdefaced one of my virtual sites on a RaQ3. I still haven't figured outall that could have been done, but I did find the hacker got throughusing a cgi. I did a grep on the web.log file for "dwarf" and thenfound that bbs_forum.cgi was being used to execute perl scripts.

References:
- [cobalt-security] Hacker Goes On Defacement Spree In Australia
  - From: enrique

Prev by Date: [cobalt-security] Hacker Goes On Defacement Spree In Australia
Next by Date: Re: [cobalt-security] Hacker Goes On Defacement Spree In Australia
Previous by thread: [cobalt-security] Hacker Goes On Defacement Spree In Australia
Next by thread: Re: [cobalt-security] Hacker Goes On Defacement Spree In Australia

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index