[**] [1:1945:1] WEB-IIS unicode directory traversal attempt [**] [Classification: Web Application Attack] [Priority: 1] 04/30-19:02:54.132243 24.150.86.224:3156 -> 192.168.1.6:80 TCP TTL:109 TOS:0x0 ID:18958 IpLen:20 DgmLen:136 DF ***AP*** Seq: 0xB70795FD Ack: 0x6D2BE48 Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0884] |
[**] [1:1288:5] WEB-FRONTPAGE /_vti_bin/ access [**] [Classification: access to a potentially vulnerable web application] [Priority: 2] 04/30-19:02:54.369125 24.150.86.224:3157 -> 192.168.1.6:80 TCP TTL:109 TOS:0x0 ID:18984 IpLen:20 DgmLen:157 DF ***AP*** Seq: 0xB7090F85 Ack: 0x735FDCF Win: 0x4470 TcpLen: 20 |
[**] [1:1286:5] WEB-IIS _mem_bin access [**] [Classification: access to a potentially vulnerable web application] [Priority: 2] 04/30-19:02:54.546942 24.150.86.224:3158 -> 192.168.1.6:80 TCP TTL:109 TOS:0x0 ID:18993 IpLen:20 DgmLen:157 DF ***AP*** Seq: 0xB70AD16D Ack: 0x7405A43 Win: 0x4470 TcpLen: 20 |
[**] [1:982:6] WEB-IIS unicode directory traversal attempt [**] [Classification: Web Application Attack] [Priority: 1] 04/30-19:02:54.760101 24.150.86.224:3160 -> 192.168.1.6:80 TCP TTL:109 TOS:0x0 ID:19009 IpLen:20 DgmLen:185 DF ***AP*** Seq: 0xB70D295A Ack: 0x71B1C57 Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0884] |
[**] [1:982:6] WEB-IIS unicode directory traversal attempt [**] [Classification: Web Application Attack] [Priority: 1] 04/30-19:02:58.203622 24.150.86.224:3185 -> 192.168.1.6:80 TCP TTL:109 TOS:0x0 ID:23171 IpLen:20 DgmLen:137 DF ***AP*** Seq: 0xB72B97D9 Ack: 0x6F4D733 Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0884] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 04/30-19:02:58.404701 24.150.86.224:3188 -> 192.168.1.6:80 TCP TTL:109 TOS:0x0 ID:23535 IpLen:20 DgmLen:137 DF ***AP*** Seq: 0xB72E221E Ack: 0x7B27A7F Win: 0x4470 TcpLen: 20 |
[**] [1:981:6] WEB-IIS unicode directory traversal attempt [**] [Classification: Web Application Attack] [Priority: 1] 04/30-19:02:58.584981 24.150.86.224:3189 -> 192.168.1.6:80 TCP TTL:109 TOS:0x0 ID:23980 IpLen:20 DgmLen:137 DF ***AP*** Seq: 0xB72F6E18 Ack: 0x7B6E7B7 Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0884] |
[**] [1:983:6] WEB-IIS unicode directory traversal attempt [**] [Classification: Web Application Attack] [Priority: 1] 04/30-19:02:58.808754 24.150.86.224:3193 -> 192.168.1.6:80 TCP TTL:109 TOS:0x0 ID:24265 IpLen:20 DgmLen:137 DF ***AP*** Seq: 0xB7332BB0 Ack: 0x7E61187 Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0884] |
[**] [1:970:5] WEB-IIS multiple decode attempt [**] [Classification: Web Application Attack] [Priority: 1] 04/30-19:02:59.073342 24.150.86.224:3195 -> 192.168.1.6:80 TCP TTL:109 TOS:0x0 ID:24713 IpLen:20 DgmLen:138 DF ***AP*** Seq: 0xB7357D03 Ack: 0x7C7F3BE Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0333] |
[**] [1:970:5] WEB-IIS multiple decode attempt [**] [Classification: Web Application Attack] [Priority: 1] 04/30-19:02:59.273068 24.150.86.224:3196 -> 192.168.1.6:80 TCP TTL:109 TOS:0x0 ID:25072 IpLen:20 DgmLen:136 DF ***AP*** Seq: 0xB7378F3E Ack: 0x7CBA066 Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0333] |
[**] [1:970:5] WEB-IIS multiple decode attempt [**] [Classification: Web Application Attack] [Priority: 1] 04/30-19:02:59.470108 24.150.86.224:3197 -> 192.168.1.6:80 TCP TTL:109 TOS:0x0 ID:25519 IpLen:20 DgmLen:140 DF ***AP*** Seq: 0xB7392EA8 Ack: 0x73CCD69 Win: 0x4470 TcpLen: 20 [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0333] |
[**] [1:1002:5] WEB-IIS cmd.exe access [**] [Classification: Web Application Attack] [Priority: 1] 04/30-19:03:08.682353 24.150.86.224:3260 -> 192.168.1.6:80 TCP TTL:109 TOS:0x0 ID:52208 IpLen:20 DgmLen:136 DF ***AP*** Seq: 0xB788C19E Ack: 0x80E002B Win: 0x4470 TcpLen: 20 |