[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] Hacker Goes On Defacement Spree In Australia
- Subject: Re: [cobalt-security] Hacker Goes On Defacement Spree In Australia
- From: enrique <enriquevega@xxxxxxx>
- Date: Fri, 7 Sep 2001 01:31:06 -0400
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
I found how to fix the security hole in bbs_forum.cgi :-) The answer is
at:
http://www.extropia.com/hacks/security/bbs_security.html
enrique
On Thursday, September 6, 2001, at 11:00 PM, enrique wrote:
Just thought I would let you all know that I found the hacker/s that
defaced one of my virtual sites on a RaQ3. I still haven't figured out
all that could have been done, but I did find the hacker got through
using a cgi. I did a grep on the web.log file for "dwarf" and then
found that bbs_forum.cgi was being used to execute perl scripts.