Clearly some security scanner wrote those entries in your log file. If you have something checking for that kind of exploit, you might want to look at its documentation for details. (And report back!)
Issac Goldstand wrote:
not sure what it thinks its matching but both of those urls will return 200 with the homepage on a static site...Sent from my mobile. Please excuse any typos, spelling or other weirdness.Sent with AquaMail for Android http://www.aqua-mail.comOn November 19, 2012 4:39:58 AM Knute Johnson <apache@xxxxxxxxxxxxxxxx> wrote:A total of 2 possible successful probes were detected (the following URLs contain strings that match one or more of a listing of strings that indicate a possible exploit):/?mod=../../../../../../../../proc/self/environ%00 HTTP Response 200 /?page=../../../../../../../../proc/self/environ%00 HTTP Response 200Above showed up in my log this morning. Anybody know what the exploit could be and how one can prevent this? Thanks, knute... --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx--------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
-- In theory, there is no difference between theory and practice. In practice, there is. .... Yogi Berra --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|