Mailinglist Archive: opensuse-security (757 mails)

< Previous Next >
Re: [suse-security] apache log
  • From: Sven Michels <smichels@xxxxxxxxxxxx>
  • Date: Mon, 28 Jan 2002 14:42:54 +0100
  • Message-id: <3C55555E.47EB2920@xxxxxxxxxxxx>
Thomas Neukirch wrote:
>
> hi list,
>
> a few month ago i changed my website from microsoft iis to linux/apache.
>
> the following line is in the access_log (same like in iis-log):
>
> 213.168.123.157 - - [24/Jan/2002:20:47:25 +0100] "GET
> /scripts/..%%35c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 294
>
> can anyone explain me whats going on here ?

you can ignore that, it's a worm like nimda ... nothing interesting
for you.

--
intraDAT AG http://www.intradat.com
Wilhelm-Leuschner-Strasse 7 Tel: +49 69-25629-0
D - 60329 Frankfurt am Main Fax: +49 69-25629-256
Junk mail is war. RFCs do not apply.

< Previous Next >
References