Security Incidents mailing list archives
Web scans from umu.se
From: jose () BIOCSERVER BIOC CWRU EDU (Jose Nazario)
Date: Sat, 22 Apr 2000 13:46:01 -0400
Hi all, Tracked a wide sweep of the known SGI Infosearch problem (see BUGTRAQ ID 1031, I have to do a quick writeup on how to use the ACLs and post a followup, it's easily fixed) on our campus this morning appearing to originate in Sweeden. The domain has rather lacking NIC records, so I had to contact the upstream and hope it gets passed on (another rant coming soon).
From a server:
pedgr827.sn.umu.se - - [22/Apr/2000:07:17:48 -0400] "GET /cgi-bin/infosrch.cgi?cmd=getdoc&db=man&fname=|/bin/echo%20$HTTP_X|/bin/sh%20-s HTTP/1.0" 404 214
From a workstation:
access:pedgr827.sn.umu.se - - [22/Apr/1999:07:07:54 -0400] "GET /cgi-bin/infosrch.cgi?cmd=getdoc&db=man&fname=|/bin/echo%20$HTTP_X|/bin/sh%20-s HTTP/1.0" 500 305 errors:[22/Apr/1999:07:07:54] config: for host pedgr827.sn.umu.se trying to GET /cgi-bin/infosrch.cgi, check-acl reports: ACL name httpd-nameserver-WRITE not defined Kepp your eyes open. jose nazario jose () biochemistry cwru edu PGP fingerprint: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80 Public key available at http://biocserver.cwru.edu/~jose/pgp-key.asc
Current thread:
- Web scans from umu.se Jose Nazario (Apr 22)