Re: Does this merit a CERT advisory? :-)

Martijn Koster (m.koster@webcrawler.com)
Fri, 29 Mar 1996 14:01:58 -0700

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Super-User: "Slightly improved autoload docs (Was: aha, more LWP install problems)"
Previous message: Randy J. Ray: "Re: Netscape access libraries"
Maybe in reply to: Tom Christiansen: "Does this merit a CERT advisory? :-)"

>The following program is useful to test whether your site, or
>sites you control, have been compromised by the insanely idiotic
>practice of playing a perl executable in the cgi-bin.
>If you ever seen anyone post a URL like
>
>    http://dummy.org/cgi-bin/perl.exe?FMH.pl
>
>then you know they have the problem.  This is pathetically
>pervasive amongst (horrifically mismanaged) non-Unix web sites.

FYI... a search for url's containing 'perl.exe' in WebCrawler's
database finds 117.

>print "If I were nasty, you'd be spiderfood by now.\n";
>print "\n\n\t--the black widow\n";

print "Spidey says hi :-)\n";

-- Martijn

Email: m.koster@webcrawler.com
WWW: http://info.webcrawler.com/mak/mak.html

Next message: Super-User: "Slightly improved autoload docs (Was: aha, more LWP install problems)"
Previous message: Randy J. Ray: "Re: Netscape access libraries"
Maybe in reply to: Tom Christiansen: "Does this merit a CERT advisory? :-)"