Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: New variant of mambo exploit making the rounds - SANS Internet Storm Center SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
New variant of mambo exploit making the rounds
We've gotten e-mail from some of our readers that indicates a new variant of the Mambo/XML-RPC exploits from last year (see and are making the rounds.  As far as we can tell, it still exploits the same vulnerabilities, so those who patched last year should be okay, but obviously there are some servers out there that haven't because we have word of a few that have been defaced via this exploit. :(

Jim Clausing, jclausing --at--
I will be teaching next: Reverse-Engineering Malware: Malware Analysis Tools and Techniques - SANS DFIR Summit & Training 2022


423 Posts
ISC Handler
Feb 19th 2006

Sign Up for Free or Log In to start participating in the conversation!