[Emerging-Sigs] internet privacy advocate system being used for hacking?
jamie.riden at gmail.com
Fri Jan 23 12:05:20 EST 2009
2009/1/23 Michael Scheidell <scheidell at secnap.net>:
> I suppose two issues and one question.
> There has been a lot of scanning lately for roundcube servers, as evidenced
> by log entries in web servers like this:
> 188.8.131.52 - - [22/Jan/2009:23:25:34 -0500] "GET HTTP/1.1 HTTP/1.1" 400
> 275 "-" "Toata dragostea mea pentru diavola"
> 184.108.40.206 - - [22/Jan/2009:23:25:35 -0500] "GET /roundcube//bin/msgimport
> HTTP/1.1" 404 7555 "-" "Toata dragostea mea pentru diavola"
I think they're looking for this vulnerability: "RoundCube
vulnerability allows injection of arbitrary scripting code "
I've not really been looking, but apparently there has been a massive
increase in scanning for roundcube since this vulnerability was
I don't know anything about poundprivacy, but it's been possible to do
similarly untraceable web hacking using tor for a while now.
Jamie Riden / jamesr at europe.com / jamie at honeynet.org.uk
More information about the Emerging-sigs