Weird HTTP request (abuse)

From: Douglas Cowan (news@REMOVEthisBITdacowan.co.uk)
Date: 04/12/02


From: "Douglas Cowan" <news@REMOVEthisBITdacowan.co.uk>
Date: Fri, 12 Apr 2002 20:21:44 +0100

Wondering what the heck this is in my apache logs. Obviously someone trying
to do something nasty. Is it an attempt to cause a buffer overflow error?

207.33.111.34 - - [12/Apr/2002:19:04:08 +0100] "HEAD%00
/%20HTTP/1.0%0D%0A%0D%0AAccept%3A%20azwntylepikitd/../../index.html%3fcmkdge
sdhewnxsu=/../rywdnhhnjlpmqcpgeszuxonwfscxesowosxoshdcswnqvphpxqwkgtvwtgscca
gzcyhyptevjdaluuhpbrgxjuxtmstzpvximyqcvsfyphupcyidgshgjwmnubgnhwgxaqwgeotwoy
dconeddtirdqesuoysmvaufgqmcwidnowlzgspgbgmyeltmxeptrdtgfaondxpaquifdeuohrabz
snamfihuzbxnbluqjjwruezgdghwklpgvjrxjkurzsictjluxgtinvjzjvtmdcdyuwsmrwramarp
nsiegugcknoetblzjsouzxfwfqavyqbmsozdsjprnsvyofokmalfhbhqakmohzlusbxjnyvbngqz
lbsnisrcvyaahehhtcjsedhuqkblwkzimcajnjihhzdorcpnuaxcqkwojmcqpsnvgveeiqnmirwc
cjsuqoavcazxgqpcsezhuywchqihvcwqfvduqmmtojgfeoowjnayflbzzufevjrzqugjjyengvvh
iyouwkazfvxsgjwwagzvsbxpagdbpgpihwkwgndoamxgaqnfneunsehvkdkwqqxrgnunizbdtoiv
icjeiaziogvxqtxhombnextwmccokcvvopcufitjaodgkbvofxuafbbeilcgjdcbzzsfnakcoqzb
cigvlevdwyahckqlkidfbkioznffziteghmspsqgepcgekgvenrnyudheozofucnhfqdzdsxloyd
suoxqswfjnuergvvduykwxpobydpexphbkozdsnicjdjhobjhsjikdfwffvcbfzjsloqzcsldvnq
exuuhiutcmxbylqzhyhzclhwpiiewftlpdfligsijzgxaezyhwsfiqlpulgfatlvqbvkduusxuej
mybcxhsguhnkkzmbtbbvelxcggensayxgjomzrlybtpwfzcuqtlrlwifsahxtjtpdhhjlueucekz
ajuzutyukalzwavyuhhktnrwyezohjngawstehamkoibwsvsmxhmlkoejhnowjjwxfoqwtkoebcf
qhefzznxnjalprmwbtrynfxrujujjgelfohgycfeibvevykjxpzsbgcpfvwdnurwnigppiznvnyo
ioihwxxwlnevctvihrdxjvxmpmdthvguwtgqfugtwnbdybhtnkreauhgraqtclamdfelmsdzuwoi
kizwfothggkpecgmfwwgfjvnkcdapjhippbpjscyjyywwohvosmqpsmkaowgzdtjfmlufmsurivz
smqovbhsyufoyukjwcizdbecesahpiurrmjcughbzhjkuiuqygxftrzkoynaaeneuqxnygzeyxze
hqtcqweowgzonjrwkzbtyseivftvshrzluxfyeyvcfssuirywvaxruordgyonbatjzohxsnxllsp
dxciaxvryhsb/.././%4d%59%4c%4f%47%2e%50%48%54%4d%4c HTTP/1.0" 501 1896
"http://>" "Mozilla/4.7 [en] (Win95; U)"

Thanks



Relevant Pages

  • Re: Weird HTTP request (abuse)
    ... Douglas Cowan wrote: ... > Wondering what the heck this is in my apache logs. ... > to do something nasty. ...
    (comp.os.linux.security)
  • Re: COT
    ... >> assymetric, heck, you could even change the track width if you ... >> adjust spoiler angles (they'd beat on them with a rubber mallet ... >> Jr Johnson used to weld up the valve guides in the head, ... Why is it when a man talks nasty to a woman it's harassment, ...
    (rec.autos.sport.nascar.moderated)
  • Re: Newsgroup Security
    ... In this ng, if it is from Marina or Susan, ... I know they are serious people and aren't up to anything "nasty", ... to know who is who so that when a URL comes up, I can do a quick heck to ... Saga ...
    (microsoft.public.windows.server.sbs)
  • Re: Brown recluse got me
    ... What the heck was it again??? ... activated carbon. ... nasty, nasty... ... if you're sure it was a brown recluse don't hang ...
    (rec.pets.cats.anecdotes)