At Fri, 31 Aug 2001, incidents-return-1260-mark=nijntje.netat_private: >Hi, > >I have written my own HTTP server and run it on my machine (of course:-)). >The web server prints out everything it doesn't understand, and today it >found a http header field named beavuh, and a value which I'm unable to >understand. > > >I did find that there was a site named www.beavuh.org, but that site was >down ;-) > >Anyway, here is the "value" I received (all on one long line), has >anyone seen this before? I see this quite often in snort output, it is an exploit for the IIS5 printer vulnerability. Check http://www.whitehats.com/IDS/535 for a complete description. Mark Lastdrager -- Pine Internet BV :: tel. +31-70-3111010 :: fax. +31-70-3111011 PGP 92BB81D1 fingerprint 0059 7D7B C02B 38D2 A853 2785 8C87 3AF1 Today's excuse: The Token fell out of the ring. Call us when you find it. ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Sun Sep 02 2001 - 02:14:51 PDT