Test if you are vulnerable
Nothing really to add here. It just makes me think… those things still happen (thxG). More here, here, here, here and here.
UPDATE:
From PasteBin (here)
No way… I wonder how many triggering vectors are out there.
A few days after the original 6271, more than 5 vulnerabilities have been found along the same “way”. My favorite place to stay up to date on this topic is that repository.
If you are still wondering what the real risks are for your company, here are some simple examples from (here).
Find your vulnerable CGI. Get it, and learn from the results…
As simple as a curl: remove everything you want (this is freaking scary).
And then be sure everything went as you wished.
Are you wondering… if I could…, …, yes you can!
And yes, this vulnerability is “wormable”: it might be used for spreading worms.
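To see whether requests like the curl ones described above have already reached your own CGI endpoints, the web server access log is the first place to look. The following is an added example, not part of the original post: it assumes Apache/nginx Combined Log Format, and the log lines and addresses in it are constructed. It relies on the fact that bash treats an environment value as a function definition only when the value starts with `() {`, and that CGI copies request headers into the environment.

```python
import re

# Combined Log Format; quoted fields may contain backslash-escaped quotes.
QUOTED = r'"((?:[^"\\]|\\.)*)"'
LOG_RE = re.compile(
    r'(\S+) \S+ \S+ \[([^\]]+)\] ' + QUOTED + r' (\d{3}) \S+ '
    + QUOTED + ' ' + QUOTED + r'$'
)
# Function-definition marker at the START of a header value. Extra whitespace
# between the tokens is tolerated so that spacing variants are still reported.
MARKER_RE = re.compile(r'\s*\(\s*\)\s*\{')

# Constructed sample log (documentation-range addresses, inert payloads).
SAMPLE_LOG = r'''
198.51.100.7 - - [25/Sep/2014:10:12:01 +0000] "GET /cgi-bin/status.cgi HTTP/1.1" 200 312 "-" "() { :;}; echo probe"
203.0.113.9 - - [25/Sep/2014:10:12:05 +0000] "GET /index.html HTTP/1.1" 200 1043 "-" "Mozilla/5.0 (X11; Linux x86_64)"
198.51.100.7 - - [25/Sep/2014:10:13:40 +0000] "GET /cgi-bin/test.sh HTTP/1.1" 500 0 "() { ignored; }; echo probe" "curl/7.38.0"
192.0.2.44 - - [25/Sep/2014:10:14:02 +0000] "GET /js/app.js HTTP/1.1" 200 88 "-" "Mozilla/5.0 (compatible; probe-test fn(){})"
malformed entry without the expected fields
'''

def scan(log_text):
    """Return (hits, unparsed): hits are entries whose Referer or User-Agent
    starts with the marker; unparsed counts lines that did not match the format."""
    hits, unparsed = [], 0
    for line in log_text.splitlines():
        line = line.strip()
        if not line:
            continue
        m = LOG_RE.match(line)
        if m is None:
            unparsed += 1          # review these by hand, do not silently drop
            continue
        ip, when, request, status, referer, agent = m.groups()
        fields = [name for name, value in (("referer", referer),
                                           ("user-agent", agent))
                  if MARKER_RE.match(value)]
        if fields:
            hits.append({"ip": ip, "time": when, "request": request,
                         "status": int(status), "fields": fields})
    return hits, unparsed

if __name__ == "__main__":
    found, skipped = scan(SAMPLE_LOG)
    for h in found:
        print(h["time"], h["ip"], h["request"], h["status"], h["fields"])
    print("unparsed lines:", skipped)
```

Combined Log Format records only the Referer and User-Agent headers, so a marker carried in any other header will not show up in these logs. A hit against a CGI path, especially with a 200 or 500 status, is a reason to check that host's bash version and what the script did at that time.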