Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Security Incidents mailing list archives

RE: Seeing Chuncked content
From: "Golden_Eternity" <bhodi_jabir () yahoo com>
Date: Mon, 8 Jul 2002 09:26:14 -0700
I got 43 from 3 sources from the 5th to the 7th, nothing before that. They
triggered on this rule:

alert tcp any any -> any 80 \
(msg: "Apache chunked encoding exploit, n/shh//bi (i.e. /bin/sh)"; \
flags: A+; content: "n/shh//bi";)

Server was patched and happy.



----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]