Magento Forum

Has anyone seen this before? 
 
louise100
Sr. Member
 
Total Posts:  168
Joined:  2009-01-26
UK
 

In the online customers section of the admin, has anyone seen an IP address trying to visit ‘pages’ like this:

/catalog/seo_sitemap/category//*.php?option=com_product&controller=../../../../../../../../../../../../../../../proc/self/environ

and

//*.php?option=com_product&controller=../../../../../../../../../../../../../../../proc/self/environ

Could this be someone trying to find vulnerabilities in Magento?

Brent W Peterson
Moderator
 
Total Posts:  3217
Joined:  2009-02-26
Minneapolis MN
 

You will see these bots all the time; it could be a person, but more likely a scanner.

J_T_
Moderator
 
Total Posts:  1961
Joined:  2008-08-07
London-ish, UK
 

See the other latest 6 security threads. They’re looking for a weakness in Zend’s way of using controllers. Magento hasn’t been keen to address it but we’ve been looking at ways to prevent these from working. There are htaccess rules (see my thread) as well as an index.php hack that stops this in its tracks.

See:

http://www.magentocommerce.com/boards/viewthread/209511/

http://www.magentocommerce.com/boards/viewthread/209807/

http://www.magentocommerce.com/boards/viewthread/206501/
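An added example, not part of the original posts or of Magento's code: a Python check that scans access-log lines for the kind of request quoted in this thread, that is, a query parameter whose decoded value contains repeated `../` segments. The log lines, client addresses and function names are constructed for illustration, and the check goes slightly beyond the thread by also normalising percent-encoded forms before matching.

```python
import re
from collections import Counter
from urllib.parse import parse_qsl, unquote

# Constructed sample lines in Apache combined-log style (documentation IP ranges).
SAMPLE_LOG = [
    '203.0.113.7 - - [01/Jan/2011:10:01:02 +0000] "GET /catalog/seo_sitemap/category//*.php'
    '?option=com_product&controller=../../../../proc/self/environ HTTP/1.1" 404 512',
    '203.0.113.9 - - [01/Jan/2011:10:01:05 +0000] "GET //*.php'
    '?option=com_product&controller=..%2f..%2f..%2fproc%2fself%2fenviron HTTP/1.1" 404 512',
    '198.51.100.20 - - [01/Jan/2011:10:02:11 +0000] "GET /catalog/category/view/id/12'
    '?dir=asc&order=name HTTP/1.1" 200 8841',
]

# Client address, then the request target inside the quoted request line.
REQUEST_RE = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# Two or more consecutive parent-directory segments, with / or \ separators.
TRAVERSAL_RE = re.compile(r'(?:\.\.[/\\]){2,}')


def fully_decode(value, max_rounds=3):
    """Percent-decode repeatedly so encoded and double-encoded values normalise."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def find_traversal_probes(lines):
    """Return (client_ip, parameter, decoded_value) for each suspicious parameter."""
    hits = []
    for line in lines:
        match = REQUEST_RE.match(line)
        if not match:
            continue  # not a request line in the expected format
        ip, target = match.groups()
        query = target.partition("?")[2]
        for name, raw in parse_qsl(query, keep_blank_values=True):
            value = fully_decode(raw)
            if TRAVERSAL_RE.search(value):
                hits.append((ip, name, value))
    return hits


def probes_per_client(lines):
    """Count suspicious requests per client address, e.g. to feed a block list."""
    return dict(Counter(ip for ip, _, _ in find_traversal_probes(lines)))
```
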