CodeRed: New Variant?
Bob K
melange at yip.org
Mon Aug 6 14:51:03 UTC 2001
A quick skim through the bulletin tells me that someone *could* write a
worm that incorporates that vulnerability, but I haven't seen any attempts
in my httpd logs...
On Mon, 6 Aug 2001, Seth M. Kusiak wrote:
>
> Perhaps I should explain a bit more:
>
> This is a known exploit
> (http://www.microsoft.com/technet/security/bulletin/ms01-023.asp) however I
> saw many requests from multiple IP's. I thought that this was odd to see so
> many in such a short time. I thought that maybe another worm was on the
> loose.
>
> ~Seth
>
> Seth M. Kusiak writes:
>
> >
> > I'm seeing this. Anyone else?
> >
> > --------------------------------------------------------------------------
> > 2001-08-05 22:11:37 <Client IP> - <Server IP> 80 GET /NULL.printer - 302 0
> > 315 2365 0
> >
> >
> >
> >
> >
> >
> >
> > 3À°Ø@`3Û³$Ãÿàë¹1j - - -
> > --------------------------------------------------------------------------
>
>
--
Bob <melange at yip.org> | Yes. I know. That is, indeed, *not* mayonnaise.
More information about the NANOG
mailing list