Re: Vulnerability in /cgi-bin/shopper.exe?

From: David Kennedy CISSP (david.kennedyat_private)
Date: Fri Jul 27 2001 - 00:30:56 PDT


    At 12:38 PM 7/26/01 -0700, Michael Katz wrote:
    >I have been unable to find any specific vulnerabilities with
    >shopper.exe.  
    >
    >I believe that there are either new unpublished vulnerabilities in
    >the shopper.exe executable or attackers are looking to exploit the
    >existing vulnerabilities listed above.  
    >
    >If you have PDGSoft's Shopping Cart package, be warned.
    
    http://www.nipc.gov/warnings/advisories/2001/01-007.htm
    
    ADVISORY 01-007
    
    "PDG Shopping Cart Software" Vulnerability Affecting E-Commerce
    Issued
    04/06/2001
    
    If you download the W32 version of the patch, a new version of
    shopper.exe is in the archive.
    
    To give a little credit where credit is due, AFAIK this was the only
    time NIPC issued an advisory before a problem was common knowledge to
    anyone not living in a cave.  To what extent there were already
    victims of the problem is something we'll probably never know. I do
    wonder if it had anything to do with their investigation that yielded
    one of their "DOH" advisories:
    http://www.nipc.gov/warnings/advisories/2001/01-003.htm
    
    
    
    -- 
    Regards,
    
    David Kennedy CISSP
    Director of Research Services, TruSecure Corp. http://www.trusecure.com
    Protect what you connect.
    Look both ways before crossing the Net.
    
    
    ----------------------------------------------------------------------------
    This list is provided by the SecurityFocus ARIS analyzer service.
    For more information on this free incident handling, management 
    and tracking system please see: http://aris.securityfocus.com
    



    This archive was generated by hypermail 2b30 : Sun Jul 29 2001 - 09:23:02 PDT