httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "John" <isofr...@cc.uoi.gr>
Subject Re: [users@httpd] Weird error logs
Date Wed, 09 Feb 2005 07:44:42 GMT

----- Original Message ----- 
From: "Jeremy Hilton" <jeremy-list@adtcs.com>
To: <users@httpd.apache.org>
Sent: Tuesday, February 08, 2005 7:15 PM
Subject: Re: [users@httpd] Weird error logs


> On 2/8/05 12:11 PM, "John" <isofroni@cc.uoi.gr> wrote:
>
> >
> > ----- Original Message -----
> > From: "Jeremy Hilton" <jeremy-list@adtcs.com>
> > To: <users@httpd.apache.org>
> > Sent: Tuesday, February 08, 2005 7:04 PM
> > Subject: Re: [users@httpd] Weird error logs
> >
> >
> >> On 2/8/05 6:32 AM, "John" <isofroni@cc.uoi.gr> wrote:
> >>
> >>>
> >>> ----- Original Message -----
> >>> From: "Eimantas Vaiči?nas" <eimantas.vaiciunas@sc.vu.lt>
> >>> To: <users@httpd.apache.org>
> >>> Sent: Tuesday, February 08, 2005 12:27 PM
> >>> Subject: Re: [users@httpd] Weird error logs
> >>>
> >>>
> >>>> On Tuesday 08 February 2005 11:44, John wrote:
> >>>>> in my error_log i noticed that errors
> >>>>>
> >>>>>
> >>>>> gunzip: stdout: Broken pipe
> >>>>>
> >>>>> gunzip: stdout: Broken pipe
> >>>>>
> >>>>> gunzip: stdout: Broken pipe
> >>>>>
> >>>>>
> >>>>> Does anyone know what does this mean?
> >>>>> I use Apache/1.3.28 (Linux/SuSE) PHP/4.3.3
> >>>>>
> >>>>> Thanks in advance.
> >>>> Don't mind errors, update your apache and php :-)
> >>>> -- 
> >>>> Eimantas Vaiči?nas
> >>>> VU Skaičiavimo centras
> >>>>
> >>>> ---------------------------------------------------------------------
> >>>> The official User-To-User support forum of the Apache HTTP Server
> > Project.
> >>>> See <URL:http://httpd.apache.org/userslist.html> for more info.
> >>>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> >>>>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> >>>> For additional commands, e-mail: users-help@httpd.apache.org
> >>>>
> >>>>
> >>>>
> >>>
> >>> I have the apache patched with the latest patch that Suse issued
> >>> (apache-1.3.28-77)
> >>>
> >>> I cannot see any odd message in the /var/log/messages , not even in
the
> >>> /var/log/warn.
> >>>
> >>> How can these errors be produced?
> >>>
> >>>
> >>>
> >>> ---------------------------------------------------------------------
> >>> The official User-To-User support forum of the Apache HTTP Server
> > Project.
> >>> See <URL:http://httpd.apache.org/userslist.html> for more info.
> >>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> >>>  "   from the digest: users-digest-unsubscribe@httpd.apache.org
> >>> For additional commands, e-mail: users-help@httpd.apache.org
> >>>
> >>
> >> Are you using any software like PHPBB? In an older version of PHPBB
there
> >> was vulnerability that allowed attackers to run system commands by
query
> >> string manipulation. They could do nasty little things like wget a perl
> >> script into /tmp and then execute it. The perl script would open up a
> >> backdoor on a high numbered port.
> >>
> >> The output of the wget command would show up in your apache logs.
> >>
> >> I would suggest greping your access logs for gunzip.
> >>
> >> Jeremy
> >>
> >>
> >> ---------------------------------------------------------------------
> >> The official User-To-User support forum of the Apache HTTP Server
Project.
> >> See <URL:http://httpd.apache.org/userslist.html> for more info.
> >> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> >>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> >> For additional commands, e-mail: users-help@httpd.apache.org
> >>
> >>
> >>
> >
> > I found nothing using a
> >
> > #egrep gunzip access_log
> >
> > I dont use phpbb2, just a php script (which doesn;'t receive anything
from
> > the URL ($_GET[])
> >
> >
> >
> > ---------------------------------------------------------------------
> > The official User-To-User support forum of the Apache HTTP Server
Project.
> > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> >  "   from the digest: users-digest-unsubscribe@httpd.apache.org
> > For additional commands, e-mail: users-help@httpd.apache.org
> >
>
> Are you doing any system calls from php?
>
> Jeremy
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
>

No, i don't.
My script just connect to the database and execute 2 or 3 queries.
Only that.



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message