[conspire] "Lupper Worm" and the patching of bad software

Daniel Gimpelevich daniel at gimpelevich.san-francisco.ca.us
Fri Dec 2 08:41:58 PST 2005

On Wed, 09 Nov 2005 11:53:46 -0800, Rick Moen wrote:

> As is traditional for McAfee alerts, you have to search hard to find the
> point of interest, which is:  What vulnerability is exploited?  It's
> this one sentence; the rest of the advisory is superfluous:
> "Sends HTTP requests to the URLs it generates and attempts to spread by
> exploiting an XML-RPC for PHP remote code injection vulnerability, an
> AWStats rawlog plugin logfile parameter input validation vulnerability
> and the Darryl Burgdorf Webhints remote command execution
> vulnerability."

Yet another example of having to search for the point of interest:

More information about the conspire mailing list