[Systems] False positive
Sascha Silbe
sascha-ml-ui-sugar-systems at silbe.org
Fri Mar 13 06:47:52 EDT 2009
On Fri, Mar 13, 2009 at 11:39:48AM +0100, Bernie Innocenti wrote:
>> 134.2.222.10
That one's probably me.
Just for the record: I haven't (yet) intentionally scanned / probed /
whatever the server (on the network level).
>> /passwd HTTP Response 200
>> /index.php?cont=../../../../../../../../../../../../../../../etc/passwd%00
>> HTTP Response 200
> These two entries in today's logwatch on sunjammer almost made me
> faint,
> but they're both false positives.
> /passwd is just the password change form.
Yes, I've used that one to change the initial password according to the
instructions in the "welcome" mail.
CU Sascha
--
http://sascha.silbe.org/
http://www.infra-silbe.de/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 489 bytes
Desc: Digital signature
Url : http://lists.sugarlabs.org/private/systems/attachments/20090313/d04669d2/attachment.pgp
More information about the Systems
mailing list