You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by "Jason P." <jp...@attbi.com> on 2003/04/04 06:28:39 UTC
[users@httpd] Error problems.
Hello users…
I haven’t been keeping up on the server, I have just really been working
on updating the website that I am hosting and really haven’t had a whole
lot of time to check for errors and what not. Here are some of the
errors I am getting and they are recurring. I am BRAND spanking new to
Apache and servers. So hopefully I am not repeating anyone, seeing how I
have about 700 emails in the last several weeks to “go through”. Ugh
But here they are:
1. [Thu Apr 03 20:27:09 2003] [error] [client 12.254.211.167] File
does not exist: c:/program files/apache
group/apache/htdocs/msadc/..%5c/..%5c/..%5c/..Á�/..Á�/..Á�/winnt/system3
2/cmd.exe
[Thu Apr 03 20:27:10 2003] [error] [client 12.254.211.167] File does not
exist: c:/program files/apache
group/apache/htdocs/scripts/..Á�/winnt/system32/cmd.exe
2. [Thu Apr 03 20:27:13 2003] [error] [client 12.254.211.167] File does
not exist: c:/program files/apache
group/apache/htdocs/scripts/..Áœ/winnt/system32/cmd.exe
3. [Thu Apr 03 20:38:03 2003] [error] [client 68.17.183.19] File does
not exist: c:/program files/apache group/apache/htdocs/test.css
4. [Thu Apr 03 20:58:01 2003] [error] [client 12.254.47.37] File does
not exist: c:/program files/apache group/apache/htdocs/default.ida
Thanks everyone.
Re: [users@httpd] Error problems.
Posted by "Jeremy D. Weiss" <jd...@chanweiss.com>.
>1. [Thu Apr 03 20:27:09 2003] [error] [client 12.254.211.167] File
>does not exist: c:/program files/apache
>group/apache/htdocs/msadc/..%5c/..%5c/..%5c/..Á/..Á/..Á/winnt/system32/cmd.exe
>
>[Thu Apr 03 20:27:10 2003] [error] [client 12.254.211.167] File does not
>exist: c:/program files/apache
>group/apache/htdocs/scripts/..Á/winnt/system32/cmd.exe
>
>
>
>2. [Thu Apr 03 20:27:13 2003] [error] [client 12.254.211.167] File does
>not exist: c:/program files/apache
>group/apache/htdocs/scripts/..Á/winnt/system32/cmd.exe
>
>
>
>3. [Thu Apr 03 20:38:03 2003] [error] [client 68.17.183.19] File does not
>exist: c:/program files/apache group/apache/htdocs/test.css
>
>
>
>4. [Thu Apr 03 20:58:01 2003] [error] [client 12.254.47.37] File does not
>exist: c:/program files/apache group/apache/htdocs/default.ida
1, 2, and 4 I am 99% positive are results of someone trying to use a NIMDA
style attack on your sever...good thing you run a real webserver, not IIS :)
3, I'm not so sure of...
Unfortunately, I can't find any information online about the form of the
URLs nimda (and others) use to attack, but I do recall that they would try to
a) cd ../ multiple times, trying to get to the disk root, then into the
system folder
b) use malformed URLs with special characters, trying to buffer-overflow
IIS, and have it execute the code that said special characters represented
Basically, it looks like some moron is trying to h4x0r your box...feel free
to scoff loudly at them, but make sure to keep your eyes out if Apache
releases any security updates :)
==Jeremy
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org