| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CALpEnoCKMzC49i+nhcx88GWOvA-GXZ0T3aw5EXPEL2rND8C0Kg@mail.gmail.com>
Date: Thu, 6 Jun 2013 06:52:45 -0500
From: Ed Velez <ed.velez@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: Plesk Apache Zeroday Remote Exploit
Only versions 9.0 - 9.2.3 seem to be effected. Looks like this may have
been lurking for some time:
http://kb.parallels.com/en/113818
At least they noted that these versions *might* be vulnerable...
On Thu, Jun 6, 2013 at 4:41 AM, Milan Berger <m.berger@...ject-mindstorm.net
> wrote:
> Hi king cope,
>
> > Please keep headers intact.
>
>
> tried your exploit on some SuSE and Debian machines, I was never able
> to get what I deserve, never found this phppath/php getting Error
> 404/403.
>
> Any suggestions?
>
> --
> Kind Regards
>
> Milan Berger
> Project-Mindstorm Technical Engineer
>
> ---
> project-mindstorm.net
> Fruehlingstrasse 4
> 90537 Feucht
> Germany
>
> Mob.: +49 176 22987602
>
> https://www.ghcif.de
> http://www.nopaste.info (for sale)
> https://www.digital-bit.ch
> http://www.project-mindstorm.net
>
>
> twitter: http://twitter.com/twit4c
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
Content of type "text/html" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists