[Dshield] nsiislog.dll probe

rushing@jorsm.com rushing at jorsm.com
Mon Oct 20 18:29:31 GMT 2003

Going through my Apache logs for anomalous events and I see a request for
nsiislog.dll last Tuesday from  It appears that
is in an Israeli DSL netblock.

A little Google searching turned up




Which describe a buffer overflow announced in late June 2003.  At that
time, the description said there was no known working exploit in the wild
but that it was exploitable.

Perhaps someone is seeing how widespread it is before bothering to write
exploit code?

More information about the list mailing list