[mapserver-users] Server hacked via cgi-bin - Mapserver, PHP, …? How to better protect the machine now?
Stephen Woodbridge
woodbri at swoodbridge.com
Mon Dec 9 06:27:39 PST 2013
On 12/9/2013 5:59 AM, Stefan Schwarzer wrote:
> Hi there,
>
> our server on which we have an application with mapserver running has
> been hacked two times within the last month. Each time (it seems),
> they succeeded to inject a perl script through /cgi-bin/.
>
> Now, not yet 100% how they came in… But it seems they came in via PHP
> in /cgi-bin/. But we're not 100% sure. If it would be the case, we
> could delete the PHP in /cgi-bin? Are there any reports on
> /cgi-bin/mapserv being hacked?
Here is a write up I did on this for a client:
http://imaptools.com/downloads/cgi-bin-php-exploit.pdf
Hope this helps,
-Steve W
More information about the MapServer-users
mailing list