nanog mailing list archives
RE: CodeRed: New Variant?
From: Bob K <melange () yip org>
Date: Mon, 6 Aug 2001 10:51:03 -0400 (EDT)
A quick skim through the bulletin tells me that someone *could* write a worm that incorporates that vulnerability, but I haven't seen any attempts in my httpd logs... On Mon, 6 Aug 2001, Seth M. Kusiak wrote:
Perhaps I should explain a bit more: This is a known exploit (http://www.microsoft.com/technet/security/bulletin/ms01-023.asp) however I saw many requests from multiple IP's. I thought that this was odd to see so many in such a short time. I thought that maybe another worm was on the loose. ~Seth Seth M. Kusiak writes:I'm seeing this. Anyone else? -------------------------------------------------------------------------- 2001-08-05 22:11:37 <Client IP> - <Server IP> 80 GET /NULL.printer - 302 0 315 2365 0 3À°Ø@`3Û³$Ãÿàë¹1j - - - --------------------------------------------------------------------------
-- Bob <melange () yip org> | Yes. I know. That is, indeed, *not* mayonnaise.
Current thread:
- RE: CodeRed: New Variant? Seth M. Kusiak (Aug 06)
- RE: CodeRed: New Variant? Bob K (Aug 06)