[Dshield] New http exploit?

M Cook dshieldlists at versateam.com
Mon Oct 24 12:06:30 GMT 2005


I think this is the first time I've seen this (on our web server). Is it 
new?

Client address: 85.98.164.95
Request: PUT /ownz.htm
Referer: -
Cookie: -
Status code: Forbidden (403)
Received: 231 bytes
Sent: 4118 bytes
Time taken: 547
Time: 10/23/2005 3:24:37 PM EDT
User agent: Microsoft+Data+Access+Internet+Publishing+Provider+DAV+1.1

Other clients doing this are 81.214.177.72 and 85.98.81.65.

Another similar is

Client address: 85.98.164.116
Request: PUT /own3d.htm
Referer: -
Cookie: -
Status code: Forbidden (403)
Received: 236 bytes
Sent: 4118 bytes
Time taken: 1891
Time: 10/19/2005 5:42:44 AM EDT
User agent: Microsoft+Data+Access+Internet+Publishing+Provider+DAV+1.1


More information about the list mailing list