"GET /.hash=" in HTTPd logs?

From: SFDC Admin (postmaster@security-forums.com)
Date: 11/28/02

Next message: cyber_armstrong: "Can anyone break MD5 scheme?"

Previous message: nee cee: "Re: Blocking personal email"
In reply to: Dozal, Tim: "RE: Locking Cisco Router"
Next in thread: Joris De Donder: "Re: "GET /.hash=" in HTTPd logs?"
Reply: Joris De Donder: "Re: "GET /.hash=" in HTTPd logs?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: "SFDC Admin" <postmaster@security-forums.com>
To: <security-basics@securityfocus.com>
Date: Wed, 27 Nov 2002 23:34:15 -0000

I've noticed recently on a few different machines entries like this:

GET /.hash=8148dd8cd5c884d62cab26ccfa1aeaa045eab116

GET /.hash=6baa50082310ba631358f57c8fb7eaadf752e055

Any idea what is going on here?

Is this some 0day exploit? Something old that is going round again?

Certainly nothing I have experienced before.

Thanks

Shaolin

.: http://www.security-forums.com :.

         Share your knowledge
          It's a way to achieve
                Immortality.

Next message: cyber_armstrong: "Can anyone break MD5 scheme?"
Previous message: nee cee: "Re: Blocking personal email"
In reply to: Dozal, Tim: "RE: Locking Cisco Router"
Next in thread: Joris De Donder: "Re: "GET /.hash=" in HTTPd logs?"
Reply: Joris De Donder: "Re: "GET /.hash=" in HTTPd logs?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

www.derkeiler.com > Mailing-Lists > securityfocus > security-basics > 2002-11