[Snort-users] cachemgr.cgi

Max Vision vision at ...4...
Mon Jun 25 15:14:24 EDT 2001


All,

I am under an *enormous* amount of pressure right now and I don't want to
blow up over some stupid flame...  so I'll keep it really short.

A user posted a question about a couple of exploits:
http://whitehats.com/cgi/forum/messages.cgi?bbs=get_topic&f=2&t=000040

I asked for clarification... then went and searched for information about
the Squid cachemgr.cgi vulnerability, and then ran the query/attack and
grabbed the packet, then wrote up the signature.

I posted it to the forum.  No big deal.

Take care,
Max

---------- Forwarded message ----------
Date: Mon, 25 Jun 2001 11:19:40 -0700 (PDT)
From: feedback <info at ...4...>
To: vision at ...4...
Subject: ** Whitehats FEEDBACK **

comments: I would like to thank you for not giving credit where
credit is due.  Since credit is such an important thing
to arachNIDS, I feel it is important to relay the signatures
that I have written for snort in informed manor.

If you check the snort CVS logs, I added the latest
cachemgr.cgi signature on 2001/05/20.

While this signature was not complicated, I still added it over
a month before arachNIDS.

Since Max felt justified in bitching about my stealing credit
(which I never done) I feel it is important to bring this up.

IP Info: 129.83.19.1
Via:  by http://webproxy1.mitre.org:80 (Netscape-Proxy/3.52)
Referer: http://www.whitehats.com/contact.html





More information about the Snort-users mailing list