Mailing-List: contact tomcat-user-help@jakarta.apache.org; run by ezmlm
Message-ID: <20001123055618.13310.qmail@web2305.mail.yahoo.com>
Date: Wed, 22 Nov 2000 21:56:18 -0800 (PST)
From: Andy Watts <andywatts@yahoo.com>
Subject: Security: hacker uploading files via catalina
To: tomcat-user@jakarta.apache.org
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="0-243268139-974958978=:7805"

--0-243268139-974958978=:7805
Content-Type: text/plain; charset=us-ascii


Hi,

Over the last week someone has been able to upload files to my document root.  The file names are freechat.asp, getlatest.glh, chat_a.cgi.  The files are appear pretty useless, however it is the mechanism that allowed them to be uploaded which worries me.

I know for sure that the files are being uploaded by http.  

If anyone has any ideas, I'd greatly appreciate the help.

-Aandy


---------------------------------
Do You Yahoo!?
Yahoo! Shopping - Thousands of Stores. Millions of Products.
--0-243268139-974958978=:7805
Content-Type: text/html; charset=us-ascii

<P>Hi,</P>
<P>Over the last week someone has been able to upload files to my document root.&nbsp; The file names are freechat.asp, getlatest.glh, chat_a.cgi.&nbsp; The files are appear pretty useless, however it is the mechanism that allowed them to be uploaded which worries me.</P>
<P>I know for sure that the files are being uploaded by http.&nbsp; </P>
<P>If anyone has any ideas, I'd greatly appreciate the help.</P>
<P>-Aandy</P><p><br><hr size=1><b>Do You Yahoo!?</b><br>
<a href="http://shopping.yahoo.com/">Yahoo! Shopping</a> - 
Thousands of Stores. Millions of Products.
--0-243268139-974958978=:7805--