キャップ漏れ騒動対策本部 (294レス)
上
下
前
次
1-
新
5
: 2011/01/08(土)13:09
ID:UwwdYj+W(2/2)
AA×
外部リンク[dat]:be.2ch.net
[240|
320
|
480
|
600
|
100%
|
JPG
|
べ
|
レス栞
|
レス消
]
5: [] 2011/01/08(土) 13:09:09 ID:UwwdYj+W -"higashinihon" found http://be.2ch.net/test/sss/hoop.dat -above file itself do not have any meaning -though files under /test/sss were viewable due to Apache setting error -under sss/, there were other cgi's viewable 1/6 -"mopekichi" found it and executed scripts -That cgi was crap, and without passwords, he was able to get CAP rights, move threads, view other files -many people executed cgi scrips, and were able to view other cgi script's source -cgi allows read and write. By using this, user was able to delete files, plant viruses, or worst case, wipe out data -This cgi bug were capable of executing on other servers as well. No record of how many servers were affected -FOX★ claimed that he was not affected by it and left the office. Most likely no arrest will be made -To restore the service, bbs.cgi will be rewritten. Services affected so far 1/7 -Moved some threads. Planted code to send users to groupon website or viruses ->Thus people said it's dangerous to open 2ch.net on browser, but that server has been shut down and doesn't have any more effect -cgi source was viewable and people were freely able to write. 2ch.net CAP system is stopped and no one can write in as CAP -Due to cap pass leak, users were capable to delete post, or expose IP log. Currently all services are stopped except for read/write -Someone planting viruses on all servers? There was enough time to do so. -Offenders are "mopekichi", "higasinihon" and other people who used it. Chance of suing them as well. 上はJim用。 解ってるとは思うけど一応ね http://mercury.bbspink.com/test/read.cgi/erobbs/1294457635/5
上は用 解ってるとは思うけど一応ね
上
下
前
次
1-
新
書
関
写
板
覧
索
設
栞
歴
あと 289 レスあります
スレ情報
赤レス抽出
画像レス抽出
歴の未読スレ
AAサムネイル
ぬこの手
ぬこTOP
0.036s