This is a first "Incidents Report". We hope to publish more such reports in the future, and are looking for contributions. Feedback is welcome. Please send to 'isc_AT_sans.org'. If you wish to discus this report, please post your comments to the intrusions list ( http://www.sans.org/intrusions ).

Incidents Reports: http://isc.sans.org/webexploit.pdf

(if you are using xpdf and don't see some of the text, try 'acroread' to view the PDF file)