| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20040429164643.E1229@thorolf.host> From: thorolf at grid.einherjar.de (Thorolf) Subject: Exploit Identification Request -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, I have few alerts in 24h, [5]-root@...r:ttyp3[log] #grep "194.xx.xx.xx" httpd-access.log 194.xx.xx.xx - - [26/Apr/2004:12:22:36 +0000] "SEARCH /\x90\x02\xb1\x02\xb1\x0 2\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x0 ... It looks like some mutation of worm/virus it use this bug, http://www.microsoft.com/technet/security/bulletin/ms03-007.mspx Look at this ... http://seclists.org/lists/incidents/2004/Mar/0107.html Regards, Rafal Lesniak - -- - - Administrator - - Run for your lives, death has arrived - - Try save your soul, run from the sound of rowing oars -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iQCVAwUBQJEWz+2ijGMJcqkLAQJi4gP+IGTPHBUYU83GIF/uv8nQ1zsLqkxPDeoy m/SY9oFA1lamAHEHqh4i0F58LWJ40qPCF/RA/Nb+IHygReSSN/EQNnH8Cbzb4A4B RvIMLuPsqipwSYpzzxILMxhp/Nl8ExlgWQdwS81jL9GKcWkVL7pVQ7w69Zyj6G+D cL/kdP6VgT0= =kcOt -----END PGP SIGNATURE-----
Powered by blists - more mailing lists