[5000] in WWW Security List Archive
Recent attacks
daemon@ATHENA.MIT.EDU (David Low)
Tue Apr 8 14:58:10 1997
From: David Low <C-Low@mail.dec.com>
To: "'www-security@ns2.rutgers.edu'" <www-security@ns2.rutgers.edu>
Date: Tue, 8 Apr 1997 11:10:30 -0400
Errors-To: owner-www-security@ns2.rutgers.edu
An individual who seems to have a past time of breaking into unix boxes
tends to use the test-cgi that come packaged with apache in order to
gain information on the system itself. If you are running apache, you
may want to remove execute privs from this CGI. He also goes after
rfh.cgi which I am not sure what it is (since its not on my system).
Anyone know what this does/how it can be used to gain information/access
to a machine?
David Low
