Thank you for using Ubuntu and taking the time to report a bug. You said
that the file has mode 644. This is write access to the owner and read
access to everyone. Apache did the right thing by returning 200 and
serving the file. Clearly, an attacker/script tried to access the file
with parameters, but this is not a flaw in apache.
** Changed in: apache2 (Ubuntu)
Status: New => Invalid
** Visibility changed to: Public
** This bug is no longer flagged as a security issue
--
Apache 2.2.9 strange logs
https://bugs.launchpad.net/bugs/277213
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to apache2 in ubuntu.
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
