[Zope] msadc exploit?
Oliver Bleutgen
Oliver Bleutgen <myzope@gmx.net>
Mon, 12 Feb 2001 10:55:01 +0100
> I received multiple error reports from my Zope server
> tonight, about an object not found at
> http://NETSERVER:8080/msadc/..=C1%8s../..=C1%8s../..=C1%8s../winnt/syste=
m32/cmd.
> exe
> being called from ip address: 61.156.8.19
> This is very odd as my web server is at port 80, and mapped
> by NAT to 8080.
> I presume that this is some sort of attack on my webserver -
> what are they trying to exploit?
Not sure, but maybe this targeted the iis5.0 bug listed at
http://www.guninski.com/iisasp.html
A good source for this type of information is
http://www.securityfocus.com, esp. the
bugtraq-archieves which you can find there.
cheers,
oliver