[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: new www vulnerablity



The access request for "/..À¯../..À¯../cmd1.exe" indicates that this
is some kind of Microsoft bug (no suprises there).  I recieve plenty
of probes like this a day, it's probably just some hacker running an
automated script to check for vulnerable sites.  Nothing to worry
about unless you're running IIS ;-)

On Mon, Apr 08, 2002 at 10:31:43PM +0200, James Nord wrote:
> Hi,
> 
> Is anyone aware of a vulnerablity that is characterised by the following 
> against a www server?
> or is the ^E etc just a way of trying to hide the variuos attempts below?
> 
> [Sat Apr  6 02:44:07 2002] [error] [client 24.101.140.253] Invalid 
> method in request ^E^A
> [Sat Apr  6 02:44:07 2002] [error] [client 24.101.140.253] Invalid 
> method in request ^E^A^B
> [Sat Apr  6 02:44:08 2002] [error] [client 24.101.140.253] Invalid 
> method in request ^A
> [Sat Apr  6 02:44:09 2002] [error] [client 24.101.140.253] Invalid 
> method in request ^Z
> [Sat Apr  6 02:44:12 2002] [error] [client 24.101.140.253] File does not 
> exist: /mnt/bigone/www/html/www.teilo.net/invalidfilename.htm
> [Sat Apr  6 02:44:12 2002] [error] [client 24.101.140.253] Options 
> ExecCGI is off in this directory: 
> /mnt/bigone/www/html/www.teilo.net/invalidfilename.cgi
> [Sat Apr  6 02:44:13 2002] [error] [client 24.101.140.253] Invalid URI 
> in request GET /../invalidfilename.htm HTTP/1.0
> [Sat Apr  6 02:44:13 2002] [error] [client 24.101.140.253] File does not 
> exist: /mnt/bigone/www/html/www.teilo.net/invalidfilename.htm
> [Sat Apr  6 02:44:14 2002] [error] [client 24.101.140.253] Options 
> ExecCGI is off in this directory: 
> /mnt/bigone/www/html/www.teilo.net/invalidfilename.cgi
> [Sat Apr  6 02:44:14 2002] [error] [client 24.101.140.253] Invalid URI 
> in request GET /../invalidfilename.htm HTTP/1.0
> [Sat Apr  6 02:44:15 2002] [error] [client 24.101.140.253] File does not 
> exist: /mnt/bigone/www/html/www.teilo.net/..À¯../..À¯../sensepost.exe
> [Sat Apr  6 02:44:15 2002] [error] [client 24.101.140.253] File does not 
> exist: /mnt/bigone/www/html/www.teilo.net/..À¯../..À¯../sensepost.exe
> [Sat Apr  6 02:44:16 2002] [error] [client 24.101.140.253] File does not 
> exist: /mnt/bigone/www/html/www.teilo.net/..À¯../..À¯../cmd1.exe
> 
> 
> Regards,
> 
>     /James
> 
> 
> -- 
> To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

-- 
shiftee <shiftee@manifestation.org>
PGP Key: 0xB7A36039@wwwkeys.pgp.net


-- 
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org



Reply to: