On 1/28/06, James R. Hay <[EMAIL PROTECTED]> wrote: > The entries below were found in the Apache error log while investigating on > apparent exploit. Thus far I have not found any corresponding access log > entry > and I am wondering if this is an indication that the intruder gained a shell?
Close enough. It is the stderr from a broken script someplace, most likely indicating that you have a compromised php script on your system. Joshua. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
