OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Golden_Eternity (bhodi_jabiryahoo.com)
Date: Mon Jul 08 2002 - 11:26:14 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    I got 43 from 3 sources from the 5th to the 7th, nothing before that. They
    triggered on this rule:

    alert tcp any any -> any 80 \
    (msg: "Apache chunked encoding exploit, n/shh//bi (i.e. /bin/sh)"; \
    flags: A+; content: "n/shh//bi";)

    Server was patched and happy.

    ----------------------------------------------------------------------------
    This list is provided by the SecurityFocus ARIS analyzer service.
    For more information on this free incident handling, management
    and tracking system please see: http://aris.securityfocus.com