Hey all, >> Has anybody a copy of some log files that contain such for general review >> by the community? >> >> A customer was vulnerable to this attack and I would like to find out if >> he was compromised. I don't have logs, sorry, but to be honest the probability of him being compromised by this are rather low -- there's no reliable exploit for these bugs yet, and at least the eeye-bug is a bit dodgy to exploit reliably without knowing the remote SP-number or accurately guessing the thread number. What is going to be an interesting combination on vulnerable systems i the combination of the ASP bugs with ElicZ's DebPloit bug -- that looks good enough to fashion the ASP bugs into remote SYSTEM compromises. Cheers, dullienat_private ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Fri Apr 12 2002 - 11:50:29 PDT