Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Possible scan?

From: "Greg Owen" <gowen () swynwyr com>
Date: Fri, 17 Aug 2001 16:49:19 -0400
Am I missing something? I have seen a lot of attempts (90+ today)
for a GET /is_this_the_index.cfm HTTP/1.0 on my web server in
the last day.


    .cfm is a ColdFusion extension, IIRC, and there was a ColdFusion
vulnerability posted to Bugtraq either this week or last.  So it's probably
a new scan for hosts that may have that vulnerability.

--
        gowen -- Greg Owen -- gowen () swynwyr com
        79A7 4063 96B6 9974 86CA  3BEF 521C 860F 5A93 D66D




----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com
Previous By Date Next
Previous By Thread Next

Current thread: