httpd-users mailing list archives

From Jez Hancock
Subject Re: [users@httpd] Strange Error log msgs
Date Fri, 06 Feb 2004 19:19:57 GMT
On Fri, Feb 06, 2004 at 12:19:27PM -0500, Adam Goldstein wrote:
> This is a dedicated user system, and the site author says nothing uses 
> 'su' , and everything is in php, no cgi.
> neither apache nor php has suexec capability.
> I did a grep for "su -a" and found nothing, and obviously grep'ing for 
> just "su" would be a bit crazy.
> the error has no time stamp, and no page reference.
> Is there any known exploit or vulnerability in that version of apache 
> to allow an su command to occur from an outside request?
The error would occur if someone put this in a php script:

$bleh=`su -a`;

It's not a problem with apache in short - the problem is with a
script that is being misused - either maliciously or inadvertently.

Unfortunately grepping for 'su' might not even be enough - consider 
some code like this in a php script:


then if someone posted a form after entering 'su -a' in the 'cmd' form
field, the error you're seeing would be generated.

Jez Hancock
 - System Administrator / PHP Developer  - Another FreeBSD Diary        - ipfw peruser traffic logging

The official User-To-User support forum of the Apache HTTP Server Project.
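
As the reply notes, grepping for 'su' cannot find a command that only arrives at request time, so the useful audit is for the places where PHP hands a string to a shell. The following is an added example, not part of the original message: a heuristic Python scanner whose names (audit_php, SAMPLE_LITERAL, SAMPLE_FORM) are hypothetical, and whose SAMPLE_FORM input is constructed, since the second snippet is missing from the archived message.

```python
import re

# PHP core functions that pass a string to the shell, plus the backtick operator.
SINK_FUNCS = ("system", "exec", "shell_exec", "passthru", "popen", "proc_open")
CALL_RE = re.compile(r"\b(%s)\s*\(([^;]*)" % "|".join(SINK_FUNCS))
BACKTICK_RE = re.compile(r"`([^`]*)`")
VAR_RE = re.compile(r"\$\w+")
REQUEST_RE = re.compile(r"\$_(GET|POST|REQUEST|COOKIE)\b|\$HTTP_(GET|POST)_VARS\b")
ASSIGN_RE = re.compile(r"\s*(\$\w+)\s*=\s*(.*)")

# The literal case quoted in the message.
SAMPLE_LITERAL = "$bleh=`su -a`;"
# Constructed sample: a form field reaching the shell.
SAMPLE_FORM = """<?php
$cmd = $_POST['cmd'];
$out = `$cmd`;
echo shell_exec("ls " . $dir);
"""

def audit_php(source):
    """Return (line_no, sink, severity) for each shell-execution sink found.

    Heuristic and line-based: it tracks only variables assigned directly from
    request data, so "variable" findings still need manual review (with
    register_globals on, any variable can be set by the request).
    """
    findings = []
    tainted = set()
    for no, line in enumerate(source.splitlines(), 1):
        m = ASSIGN_RE.match(line)
        if m and REQUEST_RE.search(m.group(2)):
            tainted.add(m.group(1))
        hits = [("backtick", body) for body in BACKTICK_RE.findall(line)]
        hits += [(c.group(1), c.group(2)) for c in CALL_RE.finditer(line)]
        for sink, arg in hits:
            used = set(VAR_RE.findall(arg))
            if REQUEST_RE.search(arg) or used & tainted:
                severity = "request-controlled"
            elif used:
                severity = "variable"
            else:
                severity = "literal"
            findings.append((no, sink, severity))
    return findings

if __name__ == "__main__":
    for name, src in (("literal", SAMPLE_LITERAL), ("form", SAMPLE_FORM)):
        for finding in audit_php(src):
            print(name, finding)
```

Run over a docroot, the "request-controlled" and "variable" findings are the ones to read first; a "literal" finding such as the `su -a` line is visible to a plain grep as well.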