Re: CGI Buffer Overflow?
Welcome to the wonderful world of the new IIS exploit
> Anyone seen this before? I have looked around for similar attacks, but
> cannot find any info. I assume that is a unicode string padded out with
> Ns. How would I go about finding out what is in the string?
> xxx.xxx.xxx.xxx - - [19/Jul/2001:14:28:23 -0400] "GET
> 078%u0000%u00=a HTTP/1.0" 400 328
> To UNSUBSCRIBE, email to email@example.com
> with a subject of "unsubscribe". Trouble? Contact firstname.lastname@example.org