For When You Can't Have The Real Thing
[ start | index | login ]
start > spam > VMware Server Vulnerable To Mail Relaying Attack?

VMware Server Vulnerable To Mail Relaying Attack?

Created by dave. Last edited by dave, 7 years and 198 days ago. Viewed 1,085 times. #1
[edit] [rdf]
(3 December 2011)

Interesting, from this morning Logcheck report:

/space/VMware/Server/modules/mod_spo/email_sender.php?also_email_to=sample@email.tst&spo_f_email[0]=sample@email.tst&spo_message=20&spo_msg_ftr=This%20contact%20message%20was%20generated%20using%20Simple%20Page%20Options%20Module%20from%20SITEURL.&spo_send_type=&spo_site_lang=../../../../../../../../../../../../../../../proc/self/environ%00 HTTP Response 302

Never see that before. Probably mostly because I'm not running VMware Server (well, not here at least). However I would never have thought exposing VMware Server management interfaces to the raw internet was ever going to be a good idea.

no comments | post comment
This is a collection of techical information, much of it learned the hard way. Consider it a lab book or a /info directory. I doubt much of it will be of use to anyone else.

Useful: | Copyright 2000-2002 Matthias L. Jugel and Stephan J. Schmidt