On Thu, 2 Aug 2001, Dan Bolbosescu wrote:
>
> Salut
>
> Am gasit in log-ul de la apache, access.log, urmatoarea intrare:
>
> 211.112.20.186 - - [02/Aug/2001:11:51:38 +0300] "GET
> /default.ida?NNNNNNNNNNNNNNNNNNNNNNNN%u9090%u6858%ucbd3%u7801%u9090%u6858%uc
> bd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%
> u53ff%u0078%u0000%u00=a HTTP/1.0" 400 328
>
> Stie cineva ce insemna chestia asta?
> Multumesc
>
>
> ---
> Send e-mail to '[EMAIL PROTECTED]' with 'unsubscribe rlug' to
> unsubscribe from this list.
>
>
hehe codered attacks again
asta e exploitul de codered numai ce merge doar pe IIS (fara patch)
misto este ca daca te afli pe "grila de adresare" a codered version 1 (are
un bug cu generearea random a adreselor target si astfel de fapt se ataca
exact aceleasi ip-uri...) ar trebui sa vezi aceste mesaje de mai multe ori
si din mai multe locatii... aparent random
----------------------------
Mihai RUSU
"... and what if this is as good as it gets ?"
---
Send e-mail to '[EMAIL PROTECTED]' with 'unsubscribe rlug' to
unsubscribe from this list.
