[Dshield] help identify IIS log entry

Roger Roberts roger_w_roberts at hotmail.com
Tue Mar 25 19:36:57 GMT 2003


Everyone,

http://packetstormsecurity.nl/index.shtml
Has a new WEBDAV IIS exploit published called  wb.c
I have not had a chance to get it into the lab to verify/get logs from 
though.

RWR






>From: John Hardin <johnh at aproposretail.com>
>Reply-To: General DShield Discussion List <list at dshield.org>
>To: General DShield Discussion List <list at dshield.org>
>Subject: Re: [Dshield] help identify IIS log entry
>Date: 25 Mar 2003 09:47:14 -0800
>
>On Sun, 2003-03-23 at 16:08, Jeff Kell wrote:
> > Mrcorp wrote:
> > > Here is a new entry in my IIS logs.  Never seen this one before...
> > >
> > > 2003-03-20 03:32:56 195.92.95.61 - 192.168.0.1 80 OPTIONS * - 200 407 
>108 0 www.mrcorp.net
> > > Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1)
> >
> > Scanning for the latest WebDAV bug in IIS.
>
>Johannes, do we (you, actually :) want to set up a RedAlert-style
>repository for these log entries?
>
>--
>John Hardin  KA7OHZ                           <johnh at aproposretail.com>
>Internal Systems Administrator                    voice: (425) 672-1304
>Apropos Retail Management Systems, Inc.             fax: (425) 672-0192
>-----------------------------------------------------------------------
>  "To disable the Internet to save EMI and Disney is the moral
>   equivalent of burning down the library of Alexandria to ensure the
>   livelihood of monastic scribes."
>                                     -- John Ippolito of the Guggenheim
>-----------------------------------------------------------------------
>  58 days until The Matrix Reloaded
>
>_______________________________________________
>list mailing list
>list at dshield.org
>To change your subscription options (or unsubscribe), see: 
>http://www.dshield.org/mailman/listinfo/list


_________________________________________________________________
Help STOP SPAM with the new MSN 8 and get 2 months FREE*  
http://join.msn.com/?page=features/junkmail



More information about the list mailing list