Re: cmd.exe exploit

From: David Dickinson [MVP] (eis.no-spam@softhome.net)
Date: 05/08/02


From: "David Dickinson [MVP]" <eis.no-spam@softhome.net>
Date: Wed, 8 May 2002 12:48:10 -0600


"got root?" <s_thistle@warmmail.com> wrote in message
news:#C98gRU9BHA.940@tkmsftngp05...
> My biggest peeve is this. Here is the log from my web server.
>
> [Sun May 5 06:34:08 2002] [error] [client 205.221.191.96] File does not
> exist: /var/apache/htdocs/c/winnt/system32/cmd.exe

I'm afraid that I don't understand what the problem is. Do you /want/
cmd.exe to be accessible from the internet? You have probably installed the
IIS Lockdown tool which prevents such access. These log entries are the
result when someone tries to get to it from outside. These log entries are
/good/. However, you might want to register complaints with the people who
are trying to break into your system.

--
David Dickinson, MVP
EveningStar Information Services
Las Cruces, NM USA
Summary of Microsoft Security Bulletins
http://www.zianet.com/bwd/securitybulletins.asp
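
An added example, not part of the original post: a small Python script that pulls the cmd.exe probes out of an Apache error log in the format quoted above and tallies them per client, with first and last timestamps, which is the information an abuse complaint needs. The `PROBE` pattern and every sample line other than the one quoted in the post are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime

# Error-log entry in the format quoted in the post above.
ENTRY = re.compile(
    r"^\[(?P<ts>[^\]]+)\] \[error\] \[client (?P<ip>[^\]]+)\] "
    r"File does not exist: (?P<path>.+)$"
)
# Assumption: Windows-only path fragments that never exist under this docroot.
PROBE = re.compile(r"cmd\.exe|/winnt/|/system32/", re.IGNORECASE)

SAMPLE_LOG = [
    # Entry from the post (the quoted line wrap is rejoined).
    "[Sun May 5 06:34:08 2002] [error] [client 205.221.191.96] "
    "File does not exist: /var/apache/htdocs/c/winnt/system32/cmd.exe",
    # Constructed entries using documentation-range addresses.
    "[Sun May 5 07:10:02 2002] [error] [client 192.0.2.10] "
    "File does not exist: /var/apache/htdocs/favicon.ico",
    "[Mon May 6 01:15:40 2002] [error] [client 192.0.2.44] "
    "File does not exist: /var/apache/htdocs/c/winnt/system32/cmd.exe",
    "[Mon May 6 01:15:41 2002] [error] [client 192.0.2.44] "
    "File does not exist: /var/apache/htdocs/d/winnt/system32/cmd.exe",
]

def summarize_probes(lines):
    """Return {client_ip: {count, first, last, paths}} for probe entries only."""
    report = defaultdict(
        lambda: {"count": 0, "first": None, "last": None, "paths": set()}
    )
    for line in lines:
        m = ENTRY.match(line.strip())
        if not m or not PROBE.search(m["path"]):
            continue  # not a missing-file entry, or an ordinary 404
        ts = datetime.strptime(m["ts"], "%a %b %d %H:%M:%S %Y")
        rec = report[m["ip"]]
        rec["count"] += 1
        rec["first"] = ts if rec["first"] is None else min(rec["first"], ts)
        rec["last"] = ts if rec["last"] is None else max(rec["last"], ts)
        rec["paths"].add(m["path"])
    return dict(report)

if __name__ == "__main__":
    for ip, rec in sorted(summarize_probes(SAMPLE_LOG).items()):
        print(ip, rec["count"], rec["first"].isoformat(), rec["last"].isoformat())
        for path in sorted(rec["paths"]):
            print("   ", path)
```
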