[lug] possible intrusion

Deva Samartha blug-receive at mtbwr.net
Thu Jul 19 10:39:24 MDT 2001


I am getting a few of these on port 80:

[19/Jul/2001:07:48:26 -0600] "GET /default.ida?NNNNNNNN
(many more NNN's).....NNNN%u9090%u6858%ucbd3%u7801%u9090%u.....

which looks like buffer overflow intrusion.

Does anyone know more about this?

thanks,

Samartha




More information about the LUG mailing list