[nsp-sec] mass SQL injections (robint.us)
Harri Sylvander
harri.sylvander at csc.fi
Fri Jun 11 02:56:22 EDT 2010
ACK 1741. Thanks for the heads up!
> 1741 | 193.167.81.58 | FI | 3 | barents.fi | http://www.barents.fi/?newsid=4232&deptid=13875&languageid=4&news=1 | FUNETAS FUNET autonomous system
> 1741 | 193.167.215.43 | FI | 1 | webhallinta.ulapland.fi | http://webhallinta.ulapland.fi:81/alueuutiset/local_news_list.asp?deptid=9223 | FUNETAS FUNET autonomous system
Any chance of getting timestamps? The constituent had noticed some
"funkyness" on their IISes, restored the DB:s and found the
vulnerable scripts in their software earlier this week
(2010-06-09). Now wondering if their sites are still compromised or if
the issue has been resolved.
Cheers,
-hts
--
Harri Sylvander, Funet CERT, CSC - IT Center for Science Ltd.
P.O. Box 405, 02101 Espoo, Finland, tel +358 9 457 2082
CSC is the Finnish IT Center for Science, http://www.csc.fi/
e-mail: harri.sylvander at csc.fi
More information about the nsp-security
mailing list