[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[ale] Code Red II!!! Disregard previous reply!!!
- Subject: [ale] Code Red II!!! Disregard previous reply!!!
- From: jonathan at xcorps.net (Jonathan Rickman)
- Date: Tue, 7 Aug 2001 09:13:04 -0400 (EDT)
On Tue, 7 Aug 2001 SAngell at nan.net wrote:
> I think you are correct. Microsoft reported that the patches to correct the
> vulnerability in Index Server was downloaded over 1 million times since June 18,
> 2001. Seeing that you have to wonder if there is any other objective by future
> attacks other than to absorb bandwidth.
Don't even get me started. Microsoft has put an incredible spin on this whole
thing, making themselves out to be the Knight in Shining armor riding in to save
the day with their hotfix. Here's one for you...
64.4.1.40 - - [06/Aug/2001:05:03:54 -0400] "GET /default.ida?XXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX%u9090%u6858%ucbd3%u7801%u9090%u685
8%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%
u53ff%u0078%u0000%u00=a HTTP/1.0" 404 1442 "-" "-"
MS Hotmail (NETBLK-HOTMAIL)
1065 La Avenida
Mountain View, CA 94043
US
Netname: HOTMAIL
Netblock: 64.4.0.0 - 64.4.63.255
Coordinator:
Myers, Michael (MM520-ARIN) icon at HOTMAIL.COM
650-693-7072
Domain System inverse mapping provided by:
NS1.HOTMAIL.COM 216.200.206.140
NS3.HOTMAIL.COM 209.185.130.68
Record last updated on 09-Jan-2001.
Database last updated on 6-Aug-2001 23:07:48 EDT.
OOPS...looks like that patch isn't as widely distributed as MS is telling
everyone. They missed one themselves...actually, they missed several but I dont
want to turn ALE into a CRII log forum.
--
Jonathan Rickman
X Corps Security
http://www.xcorps.net
--
To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.