Doug Ledford wrote:
A total of 3 sites probed the server
66.249.71.77
66.249.71.78
66.249.71.79
These reverse map to googlebot.com.
A total of 6 possible successful probes were detected (the following URLs
contain strings that match one or more of a listing of strings that
indicate a possible exploit):
/koji/fileinfo?rpmID=866&filename=/usr/kerberos/bin/kpasswd HTTP Response 200
/koji/fileinfo?rpmID=1356&filename=/usr/bin/ldappasswd HTTP Response 200
/koji/fileinfo?rpmID=1954&filename=/usr/bin/vncpasswd HTTP Response 200
/koji/fileinfo?rpmID=3570&filename=/usr/bin/vncpasswd HTTP Response 200
/koji/fileinfo?rpmID=3107&filename=/usr/bin/ldappasswd HTTP Response 200
/koji/fileinfo?rpmID=2686&filename=/usr/kerberos/bin/kpasswd HTTP Response 200
These links are all reachable via the web ui, any crawler might will hit
them. I suggest adding a robots.txt to keep crawlers out.
--
Fedora-buildsys-list mailing list
Fedora-buildsys-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-buildsys-list
