[Snort-users] Code Green???

John Steniger stenigej at ...801...
Tue Sep 18 10:07:02 EDT 2001


This isn't a code red exploit, it appears to be a IIS-Unicode exploit.  Our
servers are patched for Code-Red as well as IIS Unicode and other then some
degraded performance, we aren't seeing any infections.  

John J. Steniger

> -----Original Message-----
> From: Steve Halligan [mailto:agent33 at ...187...]
> Sent: Tuesday, September 18, 2001 12:35 PM
> To: 'richard'; snort-users at lists.sourceforge.net
> Subject: RE: [Snort-users] Code Green???
> 
> 
> > This infected our previously patched for code red, winnt and win2k
> > systems.. One of them i even fixed yesterday and put Microsofts 
> > CodeRedCleanup tool on it. It is placing the root.exe file 
> on the hard
> > drive. 
> >
> Can anyone verify that this is infecting IIS server patched to current
> levels? 
> 
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
> 




More information about the Snort-users mailing list