Full Disclosure: Re: file inclusion (les visiteurs)

[Christian Horchert <chorchert () veedev de>]

Am 02.12.2003 um 23:20 schrieb gazpa:
> If you analize the url and the msg send by Evert, it's only a extract 
> of
> his apache (or webserver) log.
I know. They try to find out if that installation is vulnerable,
what's running and so on.

> I understand that it is only an advise of what has find on his
> webserver, warning others of a possible atack if they have 'les
> visiteurs' installed.
What do you think would have happened if Evert did not read Bugtraq
and applied the patch? Do you think they would send him an email like
"Hey Evert, you have a funky version of Les Visiteurs installed. 
Consider
a patch or use another maintained software for your purpose".
I don't really think so, but I can be completely wrong as I
mentioned before.

> The exploiting, injections and webscan in google (xD) is made by 
> *XfTeam*,
> a hacker or kiddies (as you want) group. The group that the
> warning is about.
First of all: I neigther call them hackers nor kiddies. Second: For me
it doesn't really matter if they (or whoever) call themself "XfTeam" or
"XFree Team" or "Bastard Brownies from Hell", I was refering to the
self advertised website defacements, no matter how they did it and whose
exploits they use.

> If I'm wrong, Evert, correct me.
> I think that it is a security realted post, and blames are out of 
> contest.
I blamed the ppl trying to exploit this vulnerability, not Evert, 
because
it's interessting to see, at least for me it is.

Ahh, gotcha now. You simply misunderstood the intention of the other
posts. Guess we talk at cross purposes ...

  Christian

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html