[Dshield] scans for MSADC bug?
ed.truitt at etee2k.net
Wed Nov 27 13:04:51 GMT 2002
Looks as if someone is seeking an OWA (Outlook Web Access) server. From
what I hear, unpatched versions of those do have several vulnerabilities.
PGP fingerprint: 5368 D25E 468C A250 9833 CCD6 DBAE 9C25 02F9 0AB9
"Note to spammers: my 'delete' key is connected to YOUR ISP.
Also, if you send me UCE, I reserve the right to post your spew
on my Web site, with the appropriate color commentary, so that
others may have a good laugh at your expense."
----- Original Message -----
From: "Tom Liston" <tliston at premmag.com>
To: <list at dshield.org>
Sent: Tuesday, November 26, 2002 3:06 PM
Subject: Re: [Dshield] scans for MSADC bug?
> I grepped log files looking for request from something trying to play
> with .dll files, and came across a bunch of these.
> Since I don't run IIS, this isn't a problem, but I was wondering if
> anyone had seen anything like it
> 184.108.40.206 - - [19/Nov/2002:03:04:12 -0600] "GET
> HTTP/1.1" 404 301 "-" "Mozilla/4.0 (compatible; MSIE 6.0;
> Windows NT 5.1)"
> Dshield mailing list
> Dshield at dshield.org
> To change your subscription options (or unsubscribe), see:
More information about the list