Security Incidents mailing list archives
Re: Wave of Nimda-like hits this morning?
From: "Jay D. Dyson" <jdyson () treachery net>
Date: Tue, 26 Feb 2002 18:11:03 -0800 (PST)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 26 Feb 2002, John Brahy wrote:
Please keep in mind that came from a Solaris box, Apache log. Whatever this (maybe) new bug is, it's blowing up these boxes left and right...can't figure it out.Is anyone else having Solaris/Apache boxes blow up on them from this variant?
I've got six Solaris boxen ranging from Solaris 2.4 all the way up to (and including) Solaris 8, all running Apache 1.3.22 or 1.3.23. All have handled the past two days' Nimda scans without so much as a hiccup. The more I mull this over, the more I suspect PHP foul play. - -Jay ( ( _______ )) )) .--"There's always time for a good cup of coffee"--. >====<--. C|~~|C|~~| (>------ Jay D. Dyson -- jdyson () treachery net ------<) | = |-' `--' `--' `The armed are citizens. The unarmed are subjects.' `------' -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (SunOS) Comment: See http://www.treachery.net/~jdyson/ for current keys. iEYEARECAAYFAjx8QDsACgkQGI2IHblM+8EkCwCeN1dfm0zHmOLi5WcezJL7Jr6O Nn8AoJg0BPBU5KXDfKCpFQ+a2RkG7+kZ =piJs -----END PGP SIGNATURE----- ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Wave of Nimda-like hits this morning? Ralph Los (Feb 26)
- Re: Wave of Nimda-like hits this morning? Jay D. Dyson (Feb 26)
- PHP exploit (Was Re: Wave of Nimda-like hits this morning?) Chris Adams (Feb 27)
- RE: Wave of Nimda-like hits this morning? Brian Mooney (Feb 26)
- Re: Wave of Nimda-like hits this morning? John Brahy (Feb 26)
- Re: Wave of Nimda-like hits this morning? Jay D. Dyson (Feb 27)
- Re: Wave of Nimda-like hits this morning? Benjamin Morin (Feb 28)
- RE: Wave of Nimda-like hits this morning? Christopher L. Morrow (Feb 27)
- Re: Wave of Nimda-like hits this morning? John Brahy (Feb 26)
- Re: Wave of Nimda-like hits this morning? security (Feb 26)
- Re: Wave of Nimda-like hits this morning? Erick Brockway (Feb 27)
- <Possible follow-ups>
- Wave of Nimda-like hits this morning? Michael Sutton (Feb 26)
- RE: Wave of Nimda-like hits this morning? Ronneil Camara (Feb 26)
- RE: Wave of Nimda-like hits this morning? Greg Williamson (Feb 26)
- New Attack / New Vulnerability? Sterling Moses (Feb 27)
- Re: New Attack / New Vulnerability? Mark Seiden (Feb 27)
- New Attack / New Vulnerability? Sterling Moses (Feb 27)
- RE: Wave of Nimda-like hits this morning? Darren Young (Feb 27)
(Thread continues...)
- Re: Wave of Nimda-like hits this morning? Jay D. Dyson (Feb 26)