If I understand you correctly, you have the php executable in cgi-bin?
That is a major no-no. You should never do that, be it the php binary
or the perl binary as an attacker can pass command line parameters
directly to the executable bypassing your configuration file.
Only scripts like *.pl or *.php, which call the binary on the first line
i.e., #!/usr/bin/php -q, should be placed in the cgi-bin directory.
As far as mapserv in cgi-bin, I don't know enough about it. Personally,
I would never put *any* executable in cgi-bin, including mapserv.
Scott
On 12/09/13 02:59, Stefan Schwarzer wrote:
Hi there,
our server on which we have an application with mapserver running has been
hacked two times within the last month. Each time (it seems), they succeeded in
injecting a perl script through /cgi-bin/.
Now, we're not yet 100% sure how they came in… But it seems they came in via PHP in
/cgi-bin/. But we're not 100% sure. If that were the case, could we delete
the PHP in /cgi-bin? Are there any reports on /cgi-bin/mapserv being hacked?
Thanks for any hints,
Stefan
_______________________________________________
mapserver-users mailing list
[email protected]
http://lists.osgeo.org/mailman/listinfo/mapserver-users
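
An audit for the layout discussed in this thread, added here as an example and not code from either poster: it lists every executable entry in a CGI directory and separates compiled binaries (a copied or symlinked interpreter, or a compiled CGI such as mapserv) from scripts that start with a `#!` line. The directory contents are constructed sample data, and the check assumes Linux ELF executables.

```python
import os
import stat
import tempfile

ELF_MAGIC = b"\x7fELF"  # first four bytes of a compiled Linux executable

def classify(path):
    """Return 'native-binary', 'script' or 'other' from the file's first bytes."""
    with open(path, "rb") as fh:
        head = fh.read(4)
    if head == ELF_MAGIC:
        return "native-binary"
    if head.startswith(b"#!"):
        return "script"
    return "other"

def audit_cgi_dir(cgi_dir):
    """Classify every executable regular file in cgi_dir, following symlinks."""
    findings = {}
    for name in sorted(os.listdir(cgi_dir)):
        real = os.path.realpath(os.path.join(cgi_dir, name))
        if not os.path.isfile(real):
            continue
        if not os.stat(real).st_mode & (stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH):
            continue  # no execute bit, so it cannot run as CGI
        findings[name] = classify(real)
    return findings

def build_sample_dir():
    """Constructed sample layout (not the server from the thread)."""
    d = tempfile.mkdtemp(prefix="cgi-bin-")
    samples = {
        "php": (ELF_MAGIC + b"\x00" * 12, 0o755),  # stand-in for a copied interpreter
        "report.php": (b"#!/usr/bin/php -q\n<?php echo 'ok';\n", 0o755),
        "form.pl": (b"#!/usr/bin/perl\nprint \"ok\\n\";\n", 0o755),
        "README": (b"notes\n", 0o644),  # not executable, skipped
    }
    for name, (data, mode) in samples.items():
        path = os.path.join(d, name)
        with open(path, "wb") as fh:
            fh.write(data)
        os.chmod(path, mode)
    os.symlink(os.path.join(d, "php"), os.path.join(d, "php-cgi"))  # symlinked interpreter
    return d

if __name__ == "__main__":
    for name, kind in audit_cgi_dir(build_sample_dir()).items():
        print("REVIEW" if kind == "native-binary" else "ok    ", kind, name)
```

Run against a real server, `audit_cgi_dir` takes the path of the CGI directory; every `native-binary` entry is something to justify or remove.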