[conspire] "Lupper Worm" and the patching of bad software
Daniel Gimpelevich
daniel at gimpelevich.san-francisco.ca.us
Fri Dec 2 08:41:58 PST 2005
On Wed, 09 Nov 2005 11:53:46 -0800, Rick Moen wrote:
[snip]
> As is traditional for McAfee alerts, you have to search hard to find the
> point of interest, which is: What vulnerability is exploited? It's
> this one sentence; the rest of the advisory is superfluous:
>
> "Sends HTTP requests to the URLs it generates and attempts to spread by
> exploiting an XML-RPC for PHP remote code injection vulnerability, an
> AWStats rawlog plugin logfile parameter input validation vulnerability
> and the Darryl Burgdorf Webhints remote command execution
> vulnerability."
[snip]
Yet another example of having to search for the point of interest:
http://news.com.com/Sun+plugs+serious+holes+in+Java/2100-1002_3-5975496.html
More information about the conspire
mailing list