Mailinglist Archive: opensuse-security (757 mails)

< Previous Next >
Re: [suse-security] access_log!?
  • From: Leonel Rivas <leorivas@xxxxxxxxx>
  • Date: Thu, 10 Jan 2002 07:37:37 -0800 (PST)
  • Message-id: <20020110153737.43535.qmail@xxxxxxxxxxxxxxxxxxxxxxx>
Hi
Isn't that the 'Red Code' http call? , i have got many
logs like this, but Apache always respond a 404
(obviously, this kind of attack is a buffer overflow
-see the amount of 'N's to default.ida script- and i
think is planned to MS IIS, not apache, then, there
should be nothing to worry, only delete the hundreds
of logs like this!.)
logs stopped putting a zero length default.ida file on
the http root.
opinions?

regards
Leo

--- "G. Lautenbach" <g.lautenbach@xxxxxxxxx> wrote:
>
> hello list,
>
> i found this in my access_log off my webserver:
>
> 140.127.181.170 - - [09/Jan/2002:18:49:00 +0100]
> "GET
> /default.ida?NNNNNNNNNNNNN
>
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
> N
> NNN
>
>
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
> NNNN
>
>
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN%u9090%u6858%ucbd3%u7801%
> u909
>
>
0%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8
> b00% u531b%u53ff%u0078%u0000%u00=a HTTP/1.0" 400
> 323
>
> can any off you please explain what happened. is it
> something to worry
> about?
>
> regards
>
>
>
> --
> To unsubscribe, e-mail:
> suse-security-unsubscribe@xxxxxxxx
> For additional commands, e-mail:
> suse-security-help@xxxxxxxx
>


__________________________________________________
Do You Yahoo!?
Send FREE video emails in Yahoo! Mail!
http://promo.yahoo.com/videomail/

< Previous Next >
Follow Ups
References