*Has anyone tried this?
I just did. Looks like the thing is for real, tries to access 'etc/passwd'
utilizing htmlscript and several others listed below.
PHF
Test-CGI
Campas
Frontpage
Webdist
Handler
View-Source
PHP
NPH-Test
Some domains return:
1) The host <host.com> may be vulnerable to htmlscript related attaches
for others
2) The host <host.com> can not be exploited through htmlscript
I have no idea what the configuration differences are, or even if the "may
be vulnerable" cases are anything to worry about. I kind of doubt it since
'htmlscript.com' returned message number 1. :-)
Jim
-------------------- HTMLSCRIPT CORPORATION FOOTER ----------------------
LIST POLICY- http://www.htmlscript.com/support/hts-users-policy.html
DEVELOPER RESOURCES- http://www.htmlscript.com/developer/
CONTRIBUTORS- http://www.htmlscript.com/contributor/
TO UNSUBSCRIBE - Send mail to majordomo@htmlscript.com with the following
on the *first* line of the message body (not the subject):
unsubscribe hts-users youremail@yourdomain.com
------------------ END HTMLSCRIPT CORPORATION FOOTER --------------------