[ISN] www.idsoftware.com hacked (via Website Pro v2.0), web defaced

From: mea culpa (jerichoat_private)
Date: Tue Feb 16 1999 - 23:17:00 PST

    [Moderator: I am passing this along more with the generic warning: make
     sure you stay abreast of security concerns! Odds are, every site is
     running at least one buggy/vulnerable program or service. Stay up to date
     on releases and known vulnerabilities. There is NO reason to get
     compromised when the information is made public!]
    
    Forwarded From: Erik Parker <netmaskat_private>
    Originally From: Christian Antkow <xianat_private>
    Originally To: BUGTRAQat_private
    Subject: Website Pro v2.0 (NT) Configuration Issues
    
     As some of you might be aware, our website (www.idsoftware.com) was hacked
    this morning using the "out-of-the-box" features of Website Pro 2.0. The
    perpetrator used /cgi-dos/args.bat as well as /cgi-win/uploader.exe to
    upload new files and overwrite our index.html file with a "Free Kevin"
    webpage (identical to the opening page of www.2600.com).
    
     Any admins out there running Website Pro for NT might want to double check
    your security settings, and possibly remove these demo files if you don't
    have an explicit need for them to exist.
    
     Cheers,
    
     -Xian
    
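Added example (not part of the original post, and not code from Website Pro): one way to check web server access logs for requests to the two demo CGI paths named in the message above. It assumes the server writes Common Log Format entries; the log lines, addresses and function names are constructed for illustration.

```python
import re
from urllib.parse import unquote

# The two demo CGI paths named in the post.
DEMO_CGI_PATHS = ("/cgi-dos/args.bat", "/cgi-win/uploader.exe")

# Assumed format: host ident user [time] "METHOD target PROTO" status size
CLF = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+)[^"]*" (?P<status>\d{3}) \S+'
)

# Constructed sample log lines (documentation address ranges, made-up times).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2000:09:12:01 -0800] "GET /index.html HTTP/1.0" 200 5120',
    '198.51.100.7 - - [01/Jan/2000:09:13:44 -0800] "GET /cgi-dos/args.bat?x HTTP/1.0" 200 310',
    '198.51.100.7 - - [01/Jan/2000:09:14:02 -0800] "POST /CGI-WIN/Uploader.exe HTTP/1.0" 200 128',
    '198.51.100.7 - - [01/Jan/2000:09:14:30 -0800] "GET /cgi-win/uploader%2Eexe HTTP/1.0" 404 0',
    '192.0.2.10 - - [01/Jan/2000:09:15:00 -0800] "GET /docs/cgi-dos/args.bat.txt HTTP/1.0" 200 900',
]

def normalize(target):
    """Reduce a request target to the path an NT web server would resolve."""
    path = unquote(target.split("?", 1)[0])  # drop query, decode %xx escapes
    path = path.replace("\\", "/")           # backslash separates paths on NT
    path = re.sub(r"/+", "/", path)          # collapse doubled slashes
    return path.lower()                      # NT path lookups ignore case

def find_demo_cgi_hits(lines):
    """Return one record per request that targets a demo CGI program."""
    hits = []
    for line in lines:
        m = CLF.match(line)
        if not m:
            continue  # not a Common Log Format line
        path = normalize(m["target"])
        # Match the script itself or the script followed by extra path info.
        if any(path == p or path.startswith(p + "/") for p in DEMO_CGI_PATHS):
            hits.append({"host": m["host"], "time": m["time"],
                         "method": m["method"], "path": path,
                         "status": int(m["status"])})
    return hits

if __name__ == "__main__":
    for hit in find_demo_cgi_hits(SAMPLE_LOG):
        print(hit)
```

A 2xx status on any hit means the demo program is still installed and answered the request, which is the condition the post advises admins to check for.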
    


