[horde] Probing for Horde version

Bill Graham grahamcw at hurleybulldogs.com
Sun Apr 16 09:43:07 PDT 2006 

They are looking for entry into your horde system. Since administrators 
may have horde residing  in a number of  different named directories 
they are trying all sorts of "standard"  directories. Since README 
doesn't have any code and will probably return the text, it is an easy 
to determine if a horde directory exists.  The rest of the story is - 
if they find a hit - they will try an exploit - probably the recent 
help exploit. Since you don't need the README in a production system - 
remove it. Same for the docs files. Slim and trim is good.

Bill

Quoting Steven Stern <subscribed-lists at sterndata.com>:

> I'm not sure what's going on, but someone is trying to determine what
> version of Horde I'm running. From today's logwatch:
>
>       /Horde//README: 1 Time(s)
>       /horde-3.0.1//README: 1 Time(s)
>       /horde-3.0.2//README: 1 Time(s)
>       /horde-3.0.3//README: 1 Time(s)
>       /horde-3.0.4//README: 1 Time(s)
>       /horde-3.0.5//README: 1 Time(s)
>       /horde-3.0.6//README: 1 Time(s)
>       /horde-3.0.7//README: 1 Time(s)
>       /horde-3.0.8//README: 1 Time(s)
>       /horde-3.0.9//README: 1 Time(s)
>       /horde2//README: 1 Time(s)
>       /horde3//README: 1 Time(s)
> --
>
>  Steve
> --
> Horde mailing list - Join the hunt: http://horde.org/bounties/#horde
> Frequently Asked Questions: http://horde.org/faq/
> To unsubscribe, mail: horde-unsubscribe at lists.horde.org
>



-- 

Bill Graham
Systems Administrator
Hurley Public Schools
Hurley,SD 57036
USA
grahamcw at hurleybulldogs.com


----------------------------------------------------------------
This electronic  mail sent from Hurley Public Schools - Hurley, South Dakota
http://www.hurleybulldogs.com

NOTICE: This E-mail (including attachments) is covered by the 
Electronic Communications Privacy Act, 18 U.S.C. 2510-2521, is 
confidential and may be legally privileged. If you are not the intended 
recipient, you are hereby notified that any retention, dissemination, 
distribution, or copying of this communication is strictly prohibited. 
Please reply to the sender that you have received the message in error, 
then delete it. Thank you.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-keys
Size: 1375 bytes
Desc: PGP Public Key
Url : http://lists.horde.org/archives/horde/attachments/20060416/451d9e8f/attachment.bin

More information about the horde mailing list