Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

vulnerability in glocation.cgi?

From: Christine Kronberg <Christine_Kronberg () genua de>
Date: Thu, 8 Jan 2004 19:18:21 +0100 (CET)

  Hi,


  I just checked my private webserver and found several attempts
  to perform an "ls -la" via glocation.cgi. I never had such an
  cgi on my server. I googled but all I found was a hint that this
  problem may have occurred somewhen in august 2003.
  I found nothing at securityfocus.
  These attempts are coming from various IPs every couple of minutes
  starting with

x.x.x.x - - [08/Jan/2004:17:06:42 +0100] "GET /cgi-bin/glocation.cgi?g=ls%20-la HTTP/1.1" 404 1100 "-" "-"

  The funny thing is, that the target is a virtual webserver.
  The main server does not get this kind of stuff.

  Does anyone observe the same? Any hints for more information?

  Cheers,


                                                          Chris.


---------------------------------------------------------------------------
----------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: