Security Basics mailing list archives
RE: Strange found in apache error.log
From: "Miguel Dilaj" <Miguel.Dilaj () nccgroup com>
Date: Tue, 6 Dec 2005 08:54:53 -0000
Look for the thread entitled "[Full-disclosure] Bug with .php extension?" in the full disclosure mailing list. Files with extension not associated with any filter can be executed as PHP scripts in Apache. Don't know if this is your case because I haven't investigated the issue in deep, but the "an unknown filter was not added" message smells like this bug. Cheers, Miguel -----Original Message----- From: kc () mikrobit pl [mailto:kc () mikrobit pl] Sent: 04 December 2005 00:40 To: security-basics () securityfocus com Subject: Strange found in apache error.log Hi I found something like this in my apapche error.log [Sat Dec 03 00:16:18 2005] [error] an unknown filter was not added: includes [Sat Dec 03 00:16:18 2005] [error] an unknown filter was not added: includes [Sat Dec 03 00:16:18 2005] [error] an unknown filter was not added: includes [Sat Dec 03 00:32:30 2005] [error] [client 218.156.221.22] client denied by server configuration: /v irtual/mikrobit/_http/ [Sat Dec 03 00:34:10 2005] [error] [client 81.219.172.109] client denied by server configuration: /v irtual/mikrobit/_http/ Miguel Dilaj Pen Test Consultant NCC Group Manchester Technology Centre, Oxford Road, Manchester, M1 7EF Tel: +44 (0)161 209 5459 Mobile: +44 (0)7811 352 848 Fax: +44 (0)161 209 5400 eMail: Miguel.Dilaj () nccgroup com website: www.nccgroup.com *********************************************************************************************************** DISCLAIMER: This e-mail contains proprietary information, some or all of which may be legally privileged. It is for the intended recipient only. If an addressing or transmission error has misdirected this e-mail, please notify the author by replying to this e-mail. If you are not the intended recipient you may not use, disclose, distribute, copy, print or rely on this e-mail. ***********************************************************************************************************
Current thread:
- Re: Strange found in apache error.log, (continued)
- Re: Strange found in apache error.log ascii (Dec 05)
- Re: Strange found in apache error.log Security (Dec 05)
- Re: Strange found in apache error.log Gaddis, Jeremy L. (Dec 06)
- Root kits and host.deny Frynge.com Support (Dec 08)
- Re: Root kits and host.deny Scott B (Dec 08)
- Re: Root kits and host.deny Jeff Davis (Dec 08)
- Re: Root kits and host.deny Edward Krack (Dec 12)
- Re: Root kits and host.deny Gaddis, Jeremy L. (Dec 12)
- Message not available
- Re: Root kits and host.deny Gaddis, Jeremy L. (Dec 13)
- Re: Strange found in apache error.log arron (Dec 05)
- RE: Strange found in apache error.log Miguel Dilaj (Dec 06)