On 1/28/06, James R. Hay <jrhay@xxxxxxxxxx> wrote: > > Ok, so my intuition that somewhere I should find a corresponding entry in > an access log for one of the websites is correct, presumably somewhere > near the time of the timestamp from the error log. Yes. > So, this goes more into PHP than Apache but would presumably suggest > either a script allowing an upload or a query string that was exploited or > the like. Yes. It is most likely an exploit in a standard php application, because those are much easier to exploit using automated tools. A problem in a custom written php script would require more effort to find. So check the common problems like phpbb, phpnuke, etc. Joshua. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|