Re: GET x HTTP/1.0

From: Seth Milder (mrsethat_private)
Date: Tue Jul 24 2001 - 08:10:25 PDT

  • Next message: Tony Spurlin: "RE: SIRCAM WORM?"

    These are cracked Solaris machines with the sadmin hole. They are
    looking for IIS machines with the Unicode vulnerability in order to
    deface their webpage. This was discussed at length here before. Try
    telnetting to port 600 of these machines and you will get a root shell.
    You must end all commands with a ; though.
    
    -- 
    Seth Milder
    
    Department of Physics and Astronomy
    School of Computational Science
    George Mason University
    Fairfax, VA.
    
    Institute for Computer Applications in Science and Engineering (ICASE)
    NASA/Langley Research Center
    Hampton, VA.
    
    
    
    
    ----------------------------------------------------------------------------
    This list is provided by the SecurityFocus ARIS analyzer service.
    For more information on this free incident handling, management 
    and tracking system please see: http://aris.securityfocus.com
    



    This archive was generated by hypermail 2b30 : Tue Jul 24 2001 - 08:59:16 PDT