From: Fred Morris (m3047_at_inwa.net)
Date: Fri Oct 11 2002 - 10:46:01 CDT


    Miguel Albuquerque <mfoacse-workshop.ch> wrote:
    >Hi,
    >
    >What about this:
    >schebish.c.crosslink.net - - [11/Oct/2002:17:02:57 +0200] "GET
    >/default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
    >NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
    >NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
    >NNNNNNNNNNNN%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%uc
    >bd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a
    > HTTP/1.0" 400 329 ??
    >
    A buffer overflow aimed at a legacy API in IIS if I recall correctly
    (probably Code Red). Really, you should try a search with Google:

    http://www.google.com/search?hl=en&ie=ISO-8859-1&q=%2Fdefault.ida%3FNNNNNNNN&btnG=Google+Search

    In other words, I pasted "/default.ida?NNNNNN" into the search window. It
    *is* that easy...

    --
    Fred Morris m3047_at_inwa.net

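One way to pick this request shape out of an access log, as an added example that is not part of the original thread: it parses Common Log Format lines and flags requests to /default.ida whose query starts with a long run of one filler character or carries %uXXXX escapes. It generalizes from the quoted "N" padding to any repeated character; the sample lines, host names, padding length and the MIN_FILLER threshold are constructed assumptions.

```python
import re
from collections import Counter

# Common Log Format: host ident user [time] "request" status bytes
CLF = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(.*)" (\d{3}) \S+')
U_ESCAPE = re.compile(r'%u[0-9a-fA-F]{4}')   # %uXXXX escapes as in the quoted request
MIN_FILLER = 100                              # assumed threshold for the padding run

def classify(line):
    """Return a finding dict for a /default.ida overflow probe, else None."""
    m = CLF.match(line)
    if not m:
        return None                           # not CLF (truncated or foreign line)
    host, when, request, status = m.groups()
    parts = request.split()
    if len(parts) < 2:
        return None                           # no request target to inspect
    path, _, query = parts[1].partition("?")
    if path.lower() != "/default.ida":
        return None
    run = re.match(r"(.)\1*", query)          # leading run of one repeated character
    filler_len = len(run.group(0)) if run else 0
    escapes = len(U_ESCAPE.findall(query))
    if filler_len < MIN_FILLER and escapes == 0:
        return None                           # ordinary .ida query, not the probe shape
    return {"host": host, "time": when, "filler": query[0], "filler_len": filler_len,
            "u_escapes": escapes, "status": int(status)}

def scan(lines):
    """Classify every line; return (findings, per-host probe counts)."""
    findings = [f for f in map(classify, lines) if f]
    return findings, Counter(f["host"] for f in findings)

# Constructed sample log (hosts, times and padding length are made up).
TAIL = "%u9090%u6858%ucbd3%u7801%u9090%u00=a"
SAMPLE = [
    'scanner.example.net - - [11/Oct/2002:17:02:57 +0200] "GET /default.ida?'
    + "N" * 224 + TAIL + ' HTTP/1.0" 400 329',
    'scanner.example.net - - [11/Oct/2002:17:05:10 +0200] "GET /default.ida?'
    + "X" * 224 + TAIL + ' HTTP/1.0" 404 290',
    'client.example.org - - [11/Oct/2002:17:06:00 +0200] "GET /index.html HTTP/1.0" 200 1043',
    'client.example.org - - [11/Oct/2002:17:06:02 +0200] "GET /default.ida?q=report HTTP/1.0" 404 290',
    'garbage line without the expected fields',
]

if __name__ == "__main__":
    found, by_host = scan(SAMPLE)
    for f in found:
        print(f)
    print(by_host.most_common())
```

A 4xx status in a finding, such as the 400 in the quoted line, means the server rejected the request rather than handing it to an .ida handler.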