Re: Reported Kazaa and Morpheus vulnerabilities

From: HarryM (harrym@the-group.org)
Date: Mon Feb 04 2002 - 05:07:29 PST

Next message: David Litchfield: "Re: Lotus Domino password bypass"

Previous message: Jens H. Christensen: "RE: Lotus Domino password bypass"
In reply to: Qazi M. M. Ahmed: "Re: Reported Kazaa and Morpheus vulnerabilities"
Next in thread: Stanley G. Bubrouski: "Re: Reported Kazaa and Morpheus vulnerabilities"
Next in thread: Carlos Gaona: "Reported Kazaa and Morpheus vulnerabilities"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> I tried the http put style, didnt work but got the kazaa username with
> the following info:
>
> HTTP/1.0 501 Not Implemented
> X-Kazaa-Username: some_kazaa_user
> X-Kazaa-Network: MusicCity
> X-Kazaa-IP: xxx.xxx.xxx.xxx:1214
>
> Kazaa username and IP adress is changed for whatever purpose. :)
>
> Qazi M.M. Ahmed

the more I read the mroe I think this is a non-issue :)

http://www.yar.opennet.ru/base/exploits/999621483_223.txt.html
http://cert.uni-stuttgart.de/archive/bugtraq/2001/08/msg00416.html

While this is the topic, check this out. apparently a dos attack, unrelated
to the http thing. this is from september though so i daresay it's not
important anymore, if it ever was.

http://www.securiteam.com/exploits/5XP0D1F5FM.html


Harry M

Next message: David Litchfield: "Re: Lotus Domino password bypass"
Previous message: Jens H. Christensen: "RE: Lotus Domino password bypass"
In reply to: Qazi M. M. Ahmed: "Re: Reported Kazaa and Morpheus vulnerabilities"
Next in thread: Stanley G. Bubrouski: "Re: Reported Kazaa and Morpheus vulnerabilities"
Next in thread: Carlos Gaona: "Reported Kazaa and Morpheus vulnerabilities"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Feb 04 2002 - 10:28:49 PST