12 Feb
2001
12 Feb
'01
9:55 a.m.
I received multiple error reports from my Zope server tonight, about an object not found at
http://NETSERVER:8080/msadc/..Á%8s../..Á%8s../..Á%8s../winnt/system32/cmd. exe
being called from ip address: 61.156.8.19
This is very odd as my web server is at port 80, and mapped by NAT to 8080.
I presume that this is some sort of attack on my webserver - what are they trying to exploit?
Not sure, but maybe this targeted the iis5.0 bug listed at http://www.guninski.com/iisasp.html A good source for this type of information is http://www.securityfocus.com, esp. the bugtraq-archieves which you can find there. cheers, oliver