Not sure if it the same one, there's a new IIS exploit that'll 
change the main page.....but only in memory.  It's known as Code Red Worm 
at the cert.org site.

         I noticed it after I had lots of weird requests in my httpd logs 
for about 8 hours last night (+800) which I thought was a buffer overflow 

         Check the url for more info


Hak Beng

At 04:59 20/07/2001, I noticed a mail from Jean-Francois Jauvin:
>Hi, my server with php on it has been "hacked" or something....., what
>appened is every PHP pages displayed a certain message like "Hacked by blah
>blah blah...".
>None of the HTML pages were affected, only the PHP ones....
>but the scripts were not altered, I've shut down IIS,  reinstalled PHP, and
>everything is back to normal... kinda strange.....
>Did anyone had a similar problem...
>PHP General Mailing List (http://www.php.net/)
>To unsubscribe, e-mail: [EMAIL PROTECTED]
>For additional commands, e-mail: [EMAIL PROTECTED]
>To contact the list administrators, e-mail: [EMAIL PROTECTED]

PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to