From owner-freebsd-security Wed Aug 8 18:34:45 2001 Delivered-To: freebsd-security@freebsd.org Received: from aristotle.tamu.edu (Aristotle.tamu.edu [165.91.161.90]) by hub.freebsd.org (Postfix) with ESMTP id 828E637B411 for ; Wed, 8 Aug 2001 18:34:34 -0700 (PDT) (envelope-from rasmith@aristotle.tamu.edu) Received: from aristotle.tamu.edu (IDENT:rasmith@localhost [127.0.0.1]) by aristotle.tamu.edu (8.9.3/8.8.7) with ESMTP id UAA28759 for ; Wed, 8 Aug 2001 20:34:34 -0500 Message-Id: <200108090134.UAA28759@aristotle.tamu.edu> To: freebsd-security@FreeBSD.ORG Subject: Re: should I concerned? In-Reply-To: Your message of "Wed, 08 Aug 2001 18:25:43 PDT." <20010808182543.A42490@i-sphere.com> Mime-Version: 1.0 (generated by tm-edit 7.106) Content-Type: text/plain; charset=US-ASCII Date: Wed, 08 Aug 2001 20:34:34 -0500 From: Robin Smith Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org >>>>> "faSty" == faSty writes: faSty> Hi guys, I noticed the httpd's log (errors and access), faSty> someone tried expliot the security hole on apache webserver faSty> and I dont know what this is. faSty> my webserver apache version is faSty> Server version: Apache/1.3.19 (Unix) Server built: May 17 faSty> 2001 20:14:06 faSty> [08/Aug/2001:14:39:03 -0700] faSty> "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a Relax: this is Code Red's signature (though the filler is X instead of N: is this Son of Code Red?). You're running apache, not IIS. Robin Smith To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message