On Fri, 1 Jun 2001, John wrote: > > Hi KF I couldn't find any reference to this script except > for one and that turned up nothing. I talked to the vendor for > about two days and it turned out that he was not the author of > the script I was looking for, but he decided to review all of > his source code after talking with me =) I ask the list for help > because an associate of mine found a exploit on an compromised > machine for master.cgi, so, I wanted to get in contact with the > vendor to see if they know about this vulnerability. Also, > sorry for the mistake on the subject. It's possible the CGI that was compromised is distributed under a different name than the one you found. What form element names get passed to it, and more importantly, what is the CGI supposed to do? These two bits of information will probably identify it fairly quickly. -- Joe Technical Support General Support: supportat_private Blarg! Online Services, Inc. Voice: 425/401-9821 or 888/66-BLARG http://www.blarg.net
This archive was generated by hypermail 2b30 : Sun Jun 03 2001 - 16:29:01 PDT