| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <9E97F0997FB84D42B221B9FB203EFA27F94249@dc1ms2.msad.brookshires.net> Date: Mon Jun 13 20:34:44 2005 From: toddtowles at brookshires.com (Todd Towles) Subject: alya.cgi It appears to be a CGI dropped by a hacker tool. It may execute shell commands from several different directories. Doesn't anyone use Google anymore.... Just because Nessus says alya.cgi could be a backdoor doesn't mean it is..Nessus is a very good VA scanning but it does produce a fair amount of false positives. > -----Original Message----- > From: full-disclosure-bounces@...ts.grok.org.uk > [mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf > Of Nobody Special > Sent: Monday, June 13, 2005 2:17 PM > To: full-disclosure@...ts.grok.org.uk > Subject: [Full-disclosure] alya.cgi > > I ran a nessus scan on my neighbor's Soniwall firewall > appliance's ip address and found out there is an alya.cgi > file, which is ranked as HIGH risk. However, no one knows > what it does beside that "alya.cgi is a cgi backdoor > distributed with multiple rootkits." > Does anyone on list know what this cgi can do? > > cokster > > > > __________________________________ > Do you Yahoo!? > Read only the mail you want - Yahoo! Mail SpamGuard. > http://promotions.yahoo.com/new_mail > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ >
Powered by blists - more mailing lists