Scanning for Trixbox vulnerabilities

Published: 2009-02-01
Last Updated: 2009-02-02 16:50:48 UTC
by Chris Carboni (Version: 1)
0 comment(s)

A reader writes in:

HTTP scans have started to include a TRIXBOX (trixbox.org) vulnerability.  Tribox is a modified implementation of the asterisk product focused at commercial enterprises.  It combines asterisk with some Cisco monitoring features.  It appears attackers are focusing on the cisco DOMIT RSS feature.

xx.xx.xxx.xxx - - [31/Jan/2009:00:58:15 -1000] "GET /cisco/services/rss/DOMIT/

domit_rss/domitBanner.gif HTTP/1.1" 404 26 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 98)"
Keywords: scanning
0 comment(s)

Comments

cwqwqwq
eweew<a href="https://www.seocheckin.com/edu-sites-list/">mashood</a>
WQwqwqwq[url=https://www.seocheckin.com/edu-sites-list/]mashood[/url]
dwqqqwqwq mashood
[https://isc.sans.edu/diary.html](https://isc.sans.edu/diary.html)
[https://isc.sans.edu/diary.html | https://isc.sans.edu/diary.html]
What's this all about ..?
password reveal .

Diary Archives