Date: Thu, 11 Feb 1999 15:18:33 -0500 From: "Chuck O'Donnell" <cao@bus.net> To: Phil <ReachMe@Syne-Post.Com> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: (8)exec error Message-ID: <19990211151832.A2265@milf18.bus.net> In-Reply-To: <36C31F6B.11D35AF4@Syne-Post.Com>; from Phil on Thu, Feb 11, 1999 at 01:20:27PM -0500 References: <36C31F6B.11D35AF4@Syne-Post.Com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Feb 11, 1999 at 01:20:27PM -0500, Phil wrote: > What does this mean???? As a hint it came from a script that is intended > to allow a web surfer to upload a graphic to the site. > > Actually what i would really like to see is a reference list for every > error message that can be encounter. > Has anyone ever come across that?? > > > This message keeps pooping up in the website logs. > > my httpd-error log says (I'm not even sure this is from the same event); > > [Wed Feb 10 17:55:22 1999] [error] client 210.160.106.226:1892 denied by > server > configuration: /usr/local/www/cgi-bin/phf > [Wed Feb 10 17:55:24 1999] [error] file permissions deny server > execution: /usr/ > local/www/cgi-bin/test-cgi > [Wed Feb 10 17:55:25 1999] [error] script not found or unable to stat: > /usr/loca > l/www/cgi-bin/handler I think "phf" is a query script supplied with older versions of Apache. I think there was a vulnerabiltiy found with the phf script supplied with Apache versions 1.0.3 and earlier. "test-cgi" is a script supplied in current Apache distributions. It supplies a dump of the CGI environment. I think the default install is perm 644, and yields the error message shown above when referenced until you set permissions to 755. I don't know about "handler". Looks like it just doesn't exist on your system. It looks kind of like someone is trying to probe your web server. If you are not using these scripts for anything, they should probably be removed... > > ok just did a live test and the site error log says; > [Thu Feb 11 13:13:14 1999] [error] (2)No such file or directory: exec of > /home/a > wards/awardscenter.com/cgi-bin/upload.cgi failed > [Thu Feb 11 13:13:18 1999] [error] Premature end of script headers: > /home/awards > /awardscenter.com/cgi-bin/upload.cgi > > Ok the httpd-error log did not record any error. > > And to prove the file exists here it is; > mnemo:/home/awards/awardscenter.com/cgi-bin # ls -ail > total 48 > 384021 drwxrwxrwx 2 awards awards 512 Feb 10 19:06 . > 322587 drwxr-xr-x 13 awards awards 512 Feb 8 15:03 .. > 384030 -rwxr-xr-x 1 awards awards 23096 Jan 7 00:18 FormMail.pl > 384023 -rwxr-xr-x 1 awards awards 3408 Feb 10 17:55 publisher.cgi > 384024 -rwxr-xr-x 1 awards awards 4814 Jan 8 07:12 template.pl > 384022 -rwxrwxrwx 1 awards awards 13344 Feb 11 03:10 upload.cgi > mnemo:/home/awards/awardscenter.com/cgi-bin # > > > Were realy at a loss here any ideas. That looks like a problem with the "upload.cgi" script. Maybe the "#!" string is pointing to the wrong place if it is a Perl script. Chuck To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990211151832.A2265>