Date: Sun, 26 Jan 1997 03:43:35 -0400 (AST) From: Christian Hochhold <expert@dusk.net> To: freebsd-isp@freebsd.org Subject: possible phf exploit? Message-ID: <199701260743.DAA06284@eternal.dusk.net>
next in thread | raw e-mail | index | archive | help
Evenin' While checking my access logs I came across a few very interesting things.. someone trying to get to the passwd file through pfh. The logs showed the attempted access as being in the following format: /cgi-bin/phf/Q?alias=x%ff/bin/cat%20/etc/passwd I don't run phf (nor have I checked it out per say), however to someone who does know/use phf this might prove interesting. Comments? =) Christian
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199701260743.DAA06284>