Sun 14 Sep, 2003 09:05 pm
1 of the admins might wanna contact me I see like 15 holes in the server.
u want me to make em public? a couple cant be fixed but some can.
MyAbraCadaWeb Path Disclosure Vulnerability
something related to the Benjamin Lefevre Dobermann Forum Remote File Include Vulnerability
ProFTPD SQL Injection mod_sql Vulnerability
Univ. Of Washington imapd Buffer Overflow Vulnerabilities- 2 of them
YaBB Login Cross-Site Scripting Vulnerability
EZ Publish Multiple Cross Site Scripting Vulnerabilities
Geeklog Multiple Cross Site Scripting Vulnerabilities
Portix-PHP Index.PHP Directory Traversal Vulnerability- 2 of em
Py-Membres Index.PHP Unauthorized Access Vulnerability..well related to it
PHP Nuke Error Message Web Root Disclosure Vulnerability
SMTP without AuthLogin
Email List...not really a hole but ya
A list of the scripts in your dir...could be used for more exploits.
Please explain, most of what you posted are old exploits from securityfocus.com and oddly enough are exploits for software that does not reside on A2K servers.
is a2k ip 22.214.171.124? and yes I know they are old.
I think you used an outdated version of SSS to scan. I just scanned and found a lot less than you did.
They were all false alarms. Most of them are for software I do not even have on any of the servers. Others are for things that are not vulnerabilities at all (e.g. the mail ones simply mean they found email addresses, and all apache installations have email addresses on teh apache docs). Other ones were for software that I do not run (e.g. ProFTP, I use PureFTP).
kool im 2 damn tired to look for myself just caught some sleep maybe i will later SSS is just so much quicker lol I run it as a 1st method seems to work ok most of the time, for anyone that donno how craven knew i used SSS I had PMed him. Craven did you quick scan or complete?
I did a complete scan. But SSS gets lots of false alarms. Even so, the false alarms it gives were not exploits we'd be vulnerable to as most were local exploits and since I don't host anyone they don't spply.
well some of then can be executed from a account without full access, I would never try to harm this site just looking out for it. I rescanned it same thing. I wouldn't take the time to go after any sites lol too busy with my own. I'll see if I can manually find some exploits later
I'd not bother looking. The reason why I didn't mind you posting the exploits here is because I'd installed a new kernel the day before and had made sure everythingis patched.
ahh kool, I've been too busy anyway....could probably find some but I don't think you have to worry it doesn't seem like anyone skilled is attacking anyway. Keep up the good work.
Ah, they are attacking alright (tonight in fact, most visible sites are sporadically attacked in some way) but with no credit card information etc on this server there's really no point. In a worst case scenario I'd simply have to restore the site on a new server after a temporary disruption.