From: Stephen Cobb <stephen@iu.net>
Date: Mon, 19 Aug 1996 04:36:36 +0800
To: m5@tivoli.com
Subject: Re: Hackers invade DOJ web site
Message-ID: <1.5.4.32.19960818184633.00c0c884@iu.net>
MIME-Version: 1.0
Content-Type: text/plain


At 09:03 PM 8/17/96 -0500, you wrote:
>CNN online (http://www.cnn.com) is reporting a "breakin" by "hackers"
>to the DOJ web site.  They don't elaborate exactly how thy did it.
> 
>______c_________________________________________________________________
>Mike M Nally * Tiv^H^H^H IBM * Austin TX * For the time being,
>       m5@tivoli.com * m101@io.com       *    
>      <URL:http://www.io.com/~m101>      * three heads and eight arms.
>
If anyone happens to know which vulnerability(s) this hack exploited I would
be most grateful if they could let me know, either on the list or privately
(stephen@iu.net). I am not asking for someone to publish the attack script
or specifics of what was done to get in, but I would like to know what holes
were used (e.g. cgi script error).

Respectfully...Stephen