Re: [Full-Disclosure] SEARCH web attack

--On Wednesday, March 31, 2004 8:39 PM +0200 "i.t Consulting" <fulldis@xxxxxxxxxxxxxxx> wrote:

during March the apache log shows some SEARCH attacks like
"SEARCH /\x90\x02±\x02± ... x90\x90" 414 343 "-" "-"


This looks like the IIS WebDAV exploit:
http://www.whitehats.com/info/ids474

-J

--
Jeff Workman | jworkman@xxxxxxxxxxxxx | http://www.pimpworks.org

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- [Full-Disclosure] Re: SEARCH web attack
  - From: i.t Consulting

References:
- [Full-Disclosure] NOT GOOD: Outlook Express 6 + Internet Explorer 6
  - From: http-equiv@xxxxxxxxxx
- [Full-Disclosure] SEARCH web attack
  - From: i.t Consulting