6 Oct
2001
6 Oct
'01
21:02
On Sat, 6 Oct 2001, Rolf Klemenz wrote:
Does anybody know of the following attak? These are getting more and more, starting by today...
:: Apache Access Log File ::<cut> 212.25.83.251 - - [06/Oct/2001:20:36:05 +0200] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 1438
[cut] I'd say it's Nimda. But it's a worm and not new :-) See http://cert.uni-stuttgart.de/ticker/article.php?mid=480 best regards, Rainer Link -- Rainer Link | SuSE - The Linux Experts link@suse.de | Developer of A Mail Virus Scanner (amavis.org) www.suse.de | Founder OpenAntiVirus Project (www.openantivirus.org)