[Dshield] Check this out.

Andy Bold andyb at metalogicplc.com
Tue Aug 21 13:09:49 GMT 2001


Isn't this someone trying the old IIS Unicode Directory Traversal exploit
reported in August last year?  That would explain the paths, and the 8-bit
characters in them.

I read somewhere that Code Red was highlighting web servers that hadn't
patched this either, so maybe some script kiddies are just trying random
targets.

The original MS security notice can be found at
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/Security/
Bulletin/ms00-078.asp

Andy Bold
Metalogic plc




More information about the list mailing list