[Modsecurity] <kein Betreff>

Christian Börstler c.boerstler at web.de
Thu Apr 13 03:32:24 EDT 2006 

Hi,

IŽm using the lastest mod_security rules for apache 2.x with suse 9.3.
Now I want to test all function of my cms (typo3).
But there is a failure:


Request: www.evg-fallersleben.de 194.114.62.65 - - [12/Apr/2006:15:15:41 +0200] "POST /typo3/alt_doc.php?&edit[tt_content][20]=new&defVals[tt_content][colPos]=2&defVals[tt_content][sys_language_uid]=0&defVals[tt_content][CType]=text&returnUrl=%2Ftypo3%2Fsysext%2Fcms%2Flayout%2Fdb_layout.php%3Fid%3D20 HTTP/1.1" 500 1059 "https://www.evg-fallersleben.de/typo3/alt_doc.php?edit[tt_content][20]=new&defVals[tt_content][colPos]=2&defVals[tt_content][sys_language_uid]=0&returnUrl=%2Ftypo3%2Fsysext%2Fcms%2Flayout%2Fdb_layout.php%3Fid%3D20&defVals[tt_content][CType]=text" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.1) Gecko/20060111 Firefox/1.5.0.1" - "-"
Handler: type-map
----------------------------------------
POST /typo3/alt_doc.php?&edit[tt_content][20]=new&defVals[tt_content][colPos]=2&defVals[tt_content][sys_language_uid]=0&defVals[tt_content][CType]=text&returnUrl=%2Ftypo3%2Fsysext%2Fcms%2Flayout%2Fdb_layout.php%3Fid%3D20 HTTP/1.1
Host: www.evg-fallersleben.de
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.1) Gecko/20060111 Firefox/1.5.0.1
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Referer: https://www.evg-fallersleben.de/typo3/alt_doc.php?edit[tt_content][20]=new&defVals[tt_content][colPos]=2&defVals[tt_content][sys_language_uid]=0&returnUrl=%2Ftypo3%2Fsysext%2Fcms%2Flayout%2Fdb_layout.php%3Fid%3D20&defVals[tt_content][CType]=text
Cookie: BCSI-CSC2723E42=2; be_typo_user=2ec64b9978d81621433137fdcbd5b941; PHPSESSID=3u07q5l6osaqmn7uj0ire8f3m0
Content-Type: multipart/form-data; boundary=---------------------------153501500631101
Content-Length: 7956

mod_security-action: 500
mod_security-message: Access denied with code 500. Pattern match "(cmd|command)=.*(cd|\\;|perl |python |rpm |yum |apt-get |emerge |lynx |links |mkdir |elinks |cmd|pwd|wget |lwp-(download|request|mirror|rget) |id|uname|cvs |svn |(s|r)(cp|sh) |net(stat|cat) |rexec |smbclient |t?ftp |ncftp |curl |telnet |gcc |cc |g\\+\\+ |whoami|\\./|killall |rm \\-[a-z|A-Z])" at POST_PAYLOAD


What should I do?

Thanks for help.

Christian
_________________________________________________________________________
Mit der Gruppen-SMS von WEB.DE FreeMail können Sie eine SMS an alle 
Freunde gleichzeitig schicken: http://freemail.web.de/features/?mc=021179

More information about the Modsecurity mailing list