The server at work is being hit by a script kiddie....
Its obvious that its a script kiddie. Dumb snooping, not spoofing the ip etc etc etc. The exploits are basic and obvious (laughable in truth). Also, its 'attacking' software that isn't (or ever has been) on the server. The attack is slightly better than the average script kiddie - but thats not exactly saying much.
A nice explaination of the exact exploit is found here
I've adjusted the server to 'deny' all requests from that particular IP address - more to keep the error log tidy than for any other reason (as its a work server I can't redirect to a 'interesting' website).