Security Incidents mailing list archives
New Worm or Attack
From: "VanMeter, John" <John.VanMeter () ost dot gov>
Date: Tue, 18 Sep 2001 12:31:11 -0400
I've seen the following attacks on one of my servers in the dmz An attempt was made to run a program in the system32 directory from the IIS server. - MS00-057 - "File Permission Canonicalization" Vulnerability HTTP URL Scans URL contains a pattern that is allows a remote intruder to access files or run programs on the web server machines. Is this what every one else is seeing? John van Meter WIN2K System Administrator 202.366.9884 ____ Never let formal schooling interfere with your education Disclaimer: My own two cents ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- New Worm or Attack VanMeter, John (Sep 18)