Hi K-OTik published an exploit for sasser's ftpd : http://www.k-otik.com/exploits/05102004.sasserftpd.c.php
Maybe you are seeing manual scans or a brand new worm. Have a nice day Maxime Ducharme Programmeur / Sp�cialiste en s�curit� r�seau ----- Original Message ----- From: "Roberto Navarro - TusProfesionales.es" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, May 14, 2004 8:26 AM Subject: [Full-Disclosure] Worm of the worm? > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > I have detected some scans lookin' for the 5554 port (sasser's ftpd). > > Does somebody know anything about a new worm, exploiting its > vulnerabilty? > > > Roberto a.k.a. Logan > > > There are no answers, only cross refernces. > -- Weiner's Law of Libraries > > - --------------------------------------- > Roberto Navarro > [EMAIL PROTECTED] > Registered Linux User #212565 > - --------------------------------------- > > -----BEGIN PGP SIGNATURE----- > Version: PGP 8.0.2 > > iQA/AwUBQKS63MhDftHeZF7JEQLl/ACfU2fksblzy3zYh4yelCH2GxATsqcAoM+F > S/UxvCt8U0dgVqP3E+TeunS2 > =sEU4 > -----END PGP SIGNATURE----- > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
