[Emerging-Sigs] internet privacy advocate system being used for hacking?

Jamie Riden jamie.riden at gmail.com
Fri Jan 23 12:05:20 EST 2009

2009/1/23 Michael Scheidell <scheidell at secnap.net>:
> I suppose two issues and one question.
> There has been a lot of scanning lately for roundcube servers, as evidenced
> by log entries in web servers like this:
> - - [22/Jan/2009:23:25:34 -0500] "GET HTTP/1.1 HTTP/1.1" 400
> 275 "-" "Toata dragostea mea pentru diavola"
> - - [22/Jan/2009:23:25:35 -0500] "GET /roundcube//bin/msgimport
> HTTP/1.1" 404 7555 "-" "Toata dragostea mea pentru diavola"

Hi Michael,

I think they're looking for this vulnerability: "RoundCube
vulnerability allows injection of arbitrary scripting code "

I've not really been looking, but apparently there has been a massive
increase in scanning for roundcube since this vulnerability was

I don't know anything about poundprivacy, but it's been possible to do
similarly untraceable web hacking using tor for a while now.

Jamie Riden / jamesr at europe.com / jamie at honeynet.org.uk

More information about the Emerging-sigs mailing list