Security Incidents mailing list archives
Re: Strange entries in Apache access_log
From: Jose Nazario <jose () biocserver BIOC cwru edu>
Date: Thu, 30 Aug 2001 13:58:11 -0400 (EDT)
On Thu, 30 Aug 2001, Bart Haezeleer wrote:
64.225.196.160 - - [24/Aug/2001:21:02:21 +0200] "GET /NULL.printer HTTP/1.0" 404 280
http://www.eeye.com/html/Research/Advisories/AD20010501.html Windows 2000 IIS 5.0 Remote buffer overflow vulnerability (Remote SYSTEM Level Access)
63.251.5.46 - - [30/Aug/2001:09:20:04 +0200] "GET http://www.yahoo.com/index.html HTTP/1.1" 200 2890
some sort of screwup? the 200 return code is interesting ...
Is this something to worry about?
not much. just a scanner. ____________________________ jose nazario jose () cwru edu PGP: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80 PGP key ID 0xFD37F4E5 (pgp.mit.edu) ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Re: Strange entries in Apache access_log Ryan Russell (Sep 01)
- Re: Strange entries in Apache access_log Sven Koch (Sep 02)
- Re: Strange entries in Apache access_log Ben Ford (Sep 02)
- <Possible follow-ups>
- Re: Strange entries in Apache access_log Jose Nazario (Sep 01)
- Re: Strange entries in Apache access_log //Stany (Sep 02)