Re: firefox: annoyance

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Sat, Sep 27, 2014 at 11:02 AM, Keith Keller <
kkeller@xxxxxxxxxxxxxxxxxxxxxxxxxx> wrote:

> On 2014-09-26, Valeri Galtsev <galtsev@xxxxxxxxxxxxxxxxx> wrote:
> > On Fri, September 26, 2014 5:13 pm, John R Pierce wrote:
> >>
> >> linux apache web servers with the bash exploit are getting owned en
> >> masse today.     my (patched) internet web server has logged 100s and
> >> 100s of attempts like...
> >>
> >> 66.186.2.172 - - [26/Sep/2014:00:49:29 -0700] "GET /cgi-bin/test.sh
> >
> > I feel really stupid, but I have to ask. If your server wasn't patched,
> it
> > only would have owned by the above if that file exists, is executable by
> > apache and it indeed invokes bash (say, has #!/bin/bash or whatever bash
> > location is as first line), right? ;-)
>
> At first glance I would agree with you, but then I would wonder, if that
> request wouldn't work almost anywhere, why are the skr1pt k1dd13s doing
> it?
>

Old source versions of Apache used to come with a test.sh file in the
default cgi-bin directory, but those days are long gone, I suspect.

Cheers,

Cliff
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos




[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux