No subject
Tue Nov 29 10:43:08 WST 2011
Symantec and SecurityFocus don't bring any results either.
----- Original Message -----
From: "Jon Miller" <jlmiller at mmtnetworks.com.au>
To: <plug at plug.linux.org.au>
Sent: Tuesday, February 11, 2003 6:45 PM
Subject: Re: [plug] Nimda worm variant ?
Did you find out anything? I'm having the same problem here.
Jon L. Miller, MCNE, CNS
Director/Sr Systems Consultant
MMT Networks Pty Ltd
http://www.mmtnetworks.com.au
"I don't know the key to success, but the key to failure
is trying to please everybody." -Bill Cosby
>>> kai.jones at broome.wa.gov.au 9:57:39 AM 11/02/2003 >>>
Hi everyone,
I'm seeing an increasing number of these requests on Apache:
ipd50a324a.speed.planet.nl - - [11/Feb/2003:07:17:10 +0800] "GET
/_vti_bin/owssvr.dll?UL=1&ACT=4&BUILD=2614&STRMVER=4&CAPREQ=0 HTTP/1.1"
404 333
ipd50a324a.speed.planet.nl - - [11/Feb/2003:07:17:12 +0800] "GET
/MSOffice/cltreq.asp?UL=1&ACT=4&BUILD=2614&STRMVER=4&CAPREQ=0 HTTP/1.1"
404 333
I've read this may be a variant of Nimda and maybe I'm not looking in
the right places but I can't find good documentation to confirm it.
Anyone have any ideas ?
Thanks
Kai
More information about the plug
mailing list