Security Incidents mailing list archives

Re: IIS Search Method Overflow being revisted?

From: "Jay Woody" <jay_woody () tnb com>
Date: Thu, 25 Mar 2004 10:12:25 -0600

I thought there was a new one.  Hang on . . . 

http://www.winnetmag.com/WindowsSecurity/Article/ArticleID/42099/WindowsSecurity_42099.html

Here.  I didn't read much about since we don't use it, but I think this may be what they are looking for.

JayW

"Rohny Jotton" <rohnyjotton () hotmail com> 03/25/04 09:45AM >>>

In the last 24 hours, I've logged two instances of "SEARCH 
/ ±±±±±±±±±±±±±±±±±±±±±±....(many more)" on my web 
server from two different networks resulting in a 501 being returned.

When googling, the only thing I can relate to it is an Overflow attempt from 
2001 (Georgi Guninski).

I do not see any prior attempts. I just thought inquiring minds ought to 
know...

_________________________________________________________________
All the action. All the drama. Get NCAA hoops coverage at MSN Sports by 
ESPN. http://msn.espn.go.com/index.html?partnersite=espn 


---------------------------------------------------------------------------
Free 30-day trial: firewall with virus/spam protection, URL filtering, VPN,
wireless security

Protect your network against hackers, viruses, spam and other risks with Astaro
Security Linux, the comprehensive security solution that combines six
applications in one software solution for ease of use and lower total cost of
ownership.

Download your free trial at 
http://www.securityfocus.com/sponsor/Astaro_incidents_040301 
----------------------------------------------------------------------------



---------------------------------------------------------------------------
Free 30-day trial: firewall with virus/spam protection, URL filtering, VPN,
wireless security

Protect your network against hackers, viruses, spam and other risks with Astaro
Security Linux, the comprehensive security solution that combines six
applications in one software solution for ease of use and lower total cost of
ownership.

Download your free trial at
http://www.securityfocus.com/sponsor/Astaro_incidents_040301
----------------------------------------------------------------------------

Current thread:

IIS Search Method Overflow being revisted? Rohny Jotton (Mar 25)
- Re: IIS Search Method Overflow being revisted? Janusz Urbanowicz (Mar 25)
- Re: IIS Search Method Overflow being revisted? Javier Fernandez-Sanguino (Mar 26)
- <Possible follow-ups>
- RE: IIS Search Method Overflow being revisted? Levinson, Karl (Mar 25)
  - Re: IIS Search Method Overflow being revisted? Felipe Moniz de Aragao (Mar 25)
- Re: IIS Search Method Overflow being revisted? Jay Woody (Mar 25)
  - Re: IIS Search Method Overflow being revisted? Nick FitzGerald (Mar 26)
- Re: IIS Search Method Overflow being revisted? Jay Woody (Mar 26)