Snort mailing list archives
IIS cmd.exe and unicode
From: Bastian Ballmann <ballmann () co-de de>
Date: Wed, 31 Oct 2001 08:59:52 +0100
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi community!! =) Does anyone know if nimba is still very active? Or if another worm is using the IIS cmd.exe and unicode exploit to spread? Cause last night Snort detected a very high amount of those attacks... Thanx and greets Bastian Ballmann @ Computational Design - -- - ---:[ Keep the right to crypt! \214^D^C^C^BM8¨^N^U,£B`É4ºÄ^L^@ÐBìóÁÀ!O½1CÍ^\MÜy± ôæ]%\203\224ú^AKÇ8Ó^_ñ-GN^E\202=^[Ì^GÖlªÇ^Z\236\201 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iEYEARECAAYFAjvfr3gACgkQ/X/Mmob5zke94gCeMtxMvggoS0A4Gxfna46w15iE clYAniDmqkBFc+xQKwl22HXaHyPeV1HJ =Gx6c -----END PGP SIGNATURE----- _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- IIS cmd.exe and unicode Bastian Ballmann (Oct 31)
- <Possible follow-ups>
- RE: IIS cmd.exe and unicode Madden, Daniel (Oct 31)
- RE: IIS cmd.exe and unicode Madden, Daniel (Oct 31)