Security Incidents mailing list archives
Massive CMD.EXE and ROOT.EXE scan
From: "Tulchinskiy, Sasha" <STulchinskiy () aspensys com>
Date: Tue, 18 Sep 2001 09:54:59 -0400
Hi All, My IDS indicates that at 9:30 AM EST a new wave of IIS vulnerability scanning had started. They are looking for /c/winnt/system32/cmd.exe and root.exe, coming mostly from American IPs. Sasha Tulchinskiy Aspen Security Team ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Massive CMD.EXE and ROOT.EXE scan Tulchinskiy, Sasha (Sep 18)
- <Possible follow-ups>
- Fwd: Massive CMD.EXE and ROOT.EXE scan Florian Piekert (Sep 18)
- Re: Fwd: Massive CMD.EXE and ROOT.EXE scan John Q. Public (Sep 18)