[ale] Code Red II!!! Disregard previous reply!!!
Jonathan Rickman
jonathan at xcorps.net
Tue Aug 7 09:13:04 EDT 2001
On Tue, 7 Aug 2001 SAngell at nan.net wrote:
> I think you are correct. Microsoft reported that the patches to correct the
> vulnerability in Index Server was downloaded over 1 million times since June 18,
> 2001. Seeing that you have to wonder if there is any other objective by future
> attacks other than to absorb bandwidth.
Don't even get me started. Microsoft has put an incredible spin on this whole
thing, making themselves out to be the Knight in Shining armor riding in to save
the day with their hotfix. Here's one for you...
64.4.1.40 - - [06/Aug/2001:05:03:54 -0400] "GET /default.ida?XXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX%u9090%u6858%ucbd3%u7801%u9090%u685
8%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%
u53ff%u0078%u0000%u00=a HTTP/1.0" 404 1442 "-" "-"
MS Hotmail (NETBLK-HOTMAIL)
1065 La Avenida
Mountain View, CA 94043
US
Netname: HOTMAIL
Netblock: 64.4.0.0 - 64.4.63.255
Coordinator:
Myers, Michael (MM520-ARIN) icon at HOTMAIL.COM
650-693-7072
Domain System inverse mapping provided by:
NS1.HOTMAIL.COM 216.200.206.140
NS3.HOTMAIL.COM 209.185.130.68
Record last updated on 09-Jan-2001.
Database last updated on 6-Aug-2001 23:07:48 EDT.
OOPS...looks like that patch isn't as widely distributed as MS is telling
everyone. They missed one themselves...actually, they missed several but I dont
want to turn ALE into a CRII log forum.
--
Jonathan Rickman
X Corps Security
http://www.xcorps.net
--
To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.
More information about the Ale
mailing list