PEAK XOOPS - Doubtful file specification 
Doubtful file specification
- You cannot open a new topic into this forum
- Guests cannot post into this forum
Previous post
-
Next post
|
Parent
-
Children.1
|
Posted on 2005/6/25 19:02
jseymour
From: Gainesville Florida, USA
Posts: 40
From: Gainesville Florida, USA
Posts: 40
Hi again GIJOE,
Got a protector log question.
A few weeks ago my protector caught this:
Quote:
Since then a thread on xoops.org got me thinking to post this here. You can read the thread Here.
Although I do not believe this attack had anything to do with the Iframe that started the topic, I thought it was interesting that three of us got this same log in our protector on the same day from the same IP.
I wanted to get your insight on what this person was trying to do, and your thoughts on the significance of having this in multiple logs of different unrelated sites.
Thanks again for the Protector, as well as your time.
Got a protector log question.
A few weeks ago my protector caught this:
Quote:
2005/6/7 7:12:59 Guests 24.194.25.74
Java/1.4.1_05 ParentDir Doubtful file specification '../../../../../../../../../../../../../../../../../etc/passwd' found.
Since then a thread on xoops.org got me thinking to post this here. You can read the thread Here.
Although I do not believe this attack had anything to do with the Iframe that started the topic, I thought it was interesting that three of us got this same log in our protector on the same day from the same IP.
I wanted to get your insight on what this person was trying to do, and your thoughts on the significance of having this in multiple logs of different unrelated sites.
Thanks again for the Protector, as well as your time.
Votes:0
Average:0.00
Previous post
-
Next post
|
Parent
-
No child
|
Posted on 2005/6/29 18:25
GIJOE
Posts: 4110
Posts: 4110
hi Seymour.
The attack is named by "directory traversal".
There are almost non-sense if someone get the contents of /etc/passwd.
I think it is just a mischief or checking the security level of your site.
Since there are a certain numbers of XSS scanner,
it is quite natural if "directory traversal scanner" exists.
The attack is named by "directory traversal".
There are almost non-sense if someone get the contents of /etc/passwd.
I think it is just a mischief or checking the security level of your site.
Since there are a certain numbers of XSS scanner,
it is quite natural if "directory traversal scanner" exists.
Votes:4
Average:10.00
Login