Re: Possible scan?

From: Greg Owen (gowenat_private)
Date: Fri Aug 17 2001 - 13:49:19 PDT

Next message: Michal Zalewski: "Re: Flash Worms"

Previous message: Robert Graham: "Re: Flash Worms"
In reply to: Erik Benner: "Possible scan?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> Am I missing something? I have seen a lot of attempts (90+ today)
> for a GET /is_this_the_index.cfm HTTP/1.0 on my web server in
> the last day.

    .cfm is a ColdFusion extension, IIRC, and there was a ColdFusion
vulnerability posted to Bugtraq either this week or last.  So it's probably
a new scan for hosts that may have that vulnerability.

--
        gowen -- Greg Owen -- gowenat_private
        79A7 4063 96B6 9974 86CA  3BEF 521C 860F 5A93 D66D




----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Next message: Michal Zalewski: "Re: Flash Worms"
Previous message: Robert Graham: "Re: Flash Worms"
In reply to: Erik Benner: "Possible scan?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sat Aug 18 2001 - 10:23:49 PDT