[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-Disclosure] Re: Possible apache2/php 4.3.9 worm
- To: <full-disclosure@xxxxxxxxxxxxxxxx>
- Subject: Re: [Full-Disclosure] Re: Possible apache2/php 4.3.9 worm
- From: "morning_wood" <se_cur_ity@xxxxxxxxxxx>
- Date: Wed, 22 Dec 2004 10:53:28 -0800
> Below are some examples of what an actual Santy search request would
> look like:
>
>
http://www.google.com/search?num=100&hl=en&lr=&as_qdr=all&q=allinurl%3A+%22viewtopic.php%22+%22topic%3D27516%22&btnG=Search
>
http://www.google.com/search?num=100&hl=en&lr=&as_qdr=all&q=allinurl%3A+%22viewtopic.php%22+%22t%3D2580%22&btnG=Search
>
http://www.google.com/search?num=100&hl=en&lr=&as_qdr=all&q=allinurl%3A+%22viewtopic.php%22+%22p%3D6653%22&btnG=Search
>
> If Google were to block this particular pattern of search request it
> would stop the spread of the worm for now.
looks like they did...
------------ / snip / ----------------
Google Error
We're sorry...
.. but we can't process your request right now. A computer virus or spyware
application is sending us automated requests, and it appears that your
computer or network has been infected.
We'll restore your access as quickly as possible, so try again soon. In the
meantime, you might want to run a virus checker or spyware remover to make
sure that your computer is free of viruses and other spurious software.
We apologize for the inconvenience, and hope we'll see you again on Google.
------------ / snip / ------------------
cheers,
m.w
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html