North American Network Operators Group
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
RE: CodeRed: New Variant?
- From: Bob K
- Date: Mon Aug 06 10:54:10 2001
A quick skim through the bulletin tells me that someone *could* write a
worm that incorporates that vulnerability, but I haven't seen any attempts
in my httpd logs...
On Mon, 6 Aug 2001, Seth M. Kusiak wrote:
>
> Perhaps I should explain a bit more:
>
> This is a known exploit
> (http://www.microsoft.com/technet/security/bulletin/ms01-023.asp) however I
> saw many requests from multiple IP's. I thought that this was odd to see so
> many in such a short time. I thought that maybe another worm was on the
> loose.
>
> ~Seth
>
> Seth M. Kusiak writes:
>
> >
> > I'm seeing this. Anyone else?
> >
> > --------------------------------------------------------------------------
> > 2001-08-05 22:11:37 <Client IP> - <Server IP> 80 GET /NULL.printer - 302 0
> > 315 2365 0
> > ��������������������������������������������������������������������������
> > ��
> > ��������������������������������������������������������������������������
> > ��
> > ��������������������������������������������������������������������������
> > ��
> > ��������������������������������������������������������������������������
> > �� �������������������������3����؋��@`3۳$����빐��1�j - - -
> > --------------------------------------------------------------------------
>
>
--
Bob <[email protected]> | Yes. I know. That is, indeed, *not* mayonnaise.
|