lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 19 Nov 2003 20:05:31 -0500 (EST) From: Jose Nazario <jose@...key.org> To: "Jay D. Dyson" <jdyson@...achery.net> Cc: Bugtraq <bugtraq@...urityfocus.com> Subject: Re: Router Worm? its welchia/nachi. when it can't connect via 135/tcp, it will attempt an exploit against a webdav server (see MS03-007). i've seen an uptick in this in the past couple of days, too, visible on a few httpd servers i track. and i, too, was caught off guard until someone pointed out it was nachi to me. digging into the tech details showed that i (and many of us) had been overlooking a secondary attack. ___________________________ jose nazario, ph.d. jose@...key.org http://monkey.org/~jose/
Powered by blists - more mailing lists