Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-user

From: "Anna “CyberTailor”" <cyber@×××××.in>
To: gentoo-user@l.g.o
Subject: Re: [gentoo-user] strange errors in http log, what can/should I do about it.
Date: Mon, 28 Feb 2022 10:39:33
Message-Id: YhymWIhOrmzAl09W@sysrq.in
In Reply to: [gentoo-user] strange errors in http log, what can/should I do about it. by John Covici
1 On 2022-02-28 04:35, John Covici wrote:
2 > A total of 4 possible successful probes were detected (the following
3 > URLs
4 > contain strings that match one or more of a listing of strings that
5 > indicate a possible exploit):
6 >
7 > /?f=../../../../../../../../../etc/passwd HTTP Response 200
8 > /?file=../../../../../../../../../etc/passwd HTTP Response 200
9 > /?filename=../../../../../../../../../etc/passwd HTTP
10 > Response 200
11 > /?id=../../../../../../../../../etc/passwd HTTP Response
12 > 200
13
14 It's a path traversal attack:
15 https://owasp.org/www-community/attacks/Path_Traversal
Report Message
Find on MARC Find on Google Groups