httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jeremy Hilton <jeremy-l...@adtcs.com>
Subject Re: [users@httpd] Weird error logs
Date Tue, 08 Feb 2005 17:04:05 GMT
On 2/8/05 6:32 AM, "John" <isofroni@cc.uoi.gr> wrote:

> 
> ----- Original Message -----
> From: "Eimantas Vaiči?nas" <eimantas.vaiciunas@sc.vu.lt>
> To: <users@httpd.apache.org>
> Sent: Tuesday, February 08, 2005 12:27 PM
> Subject: Re: [users@httpd] Weird error logs
> 
> 
>> On Tuesday 08 February 2005 11:44, John wrote:
>>> in my error_log i noticed that errors
>>> 
>>> 
>>> gunzip: stdout: Broken pipe
>>> 
>>> gunzip: stdout: Broken pipe
>>> 
>>> gunzip: stdout: Broken pipe
>>> 
>>> 
>>> Does anyone know what does this mean?
>>> I use Apache/1.3.28 (Linux/SuSE) PHP/4.3.3
>>> 
>>> Thanks in advance.
>> Don't mind errors, update your apache and php :-)
>> -- 
>> Eimantas Vaiči?nas
>> VU Skaičiavimo centras
>> 
>> ---------------------------------------------------------------------
>> The official User-To-User support forum of the Apache HTTP Server Project.
>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>> 
>> 
>> 
> 
> I have the apache patched with the latest patch that Suse issued
> (apache-1.3.28-77)
> 
> I cannot see any odd message in the /var/log/messages , not even in the
> /var/log/warn.
> 
> How can these errors be produced?
> 
> 
> 
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>  "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
> 

Are you using any software like PHPBB? In an older version of PHPBB there
was vulnerability that allowed attackers to run system commands by query
string manipulation. They could do nasty little things like wget a perl
script into /tmp and then execute it. The perl script would open up a
backdoor on a high numbered port.

The output of the wget command would show up in your apache logs.

I would suggest greping your access logs for gunzip.

Jeremy


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message