Full Disclosure mailing list archives

Re: SEARCH web attack

From: Jeff Workman <jworkman () pimpworks org>
Date: Wed, 31 Mar 2004 15:17:11 -0500

--On Wednesday, March 31, 2004 8:39 PM +0200 "i.t Consulting"<fulldis () it97 dyndns org> wrote:

during March the apache log shows some SEARCH attacks like
"SEARCH /\x90\x02±\x02± ... x90\x90" 414 343 "-" "-"


This looks like the IIS WebDAV exploit:
http://www.whitehats.com/info/ids474

-J

--
Jeff Workman | jworkman () pimpworks org | http://www.pimpworks.org

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

NOT GOOD: Outlook Express 6 + Internet Explorer 6 http-equiv () excite com (Mar 31)
- Re: NOT GOOD: Outlook Express 6 + Internet Explorer 6 Georgi Guninski (Mar 31)
  - Re: NOT GOOD: Outlook Express 6 + Internet Explorer 6 Valdis . Kletnieks (Mar 31)
    - Re: NOT GOOD: Outlook Express 6 + Internet Explorer 6 madsaxon (Mar 31)
- SEARCH web attack i.t Consulting (Mar 31)
  - Re: SEARCH web attack Jeff Workman (Mar 31)