This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Suspicious EXE named "[.exe" in c:\cygwin\bin?


An email to sourcemaster@sourceware.org bounced. Can anyone bring this
to the attention of the webmaster?

==============================
Internal Server Error

The server encountered an internal error or misconfiguration and was
unable to complete your request.

Please contact the server administrator, sourcemaster@sourceware.org
and inform them of the time the error occurred, and anything you might
have done that may have caused the error.

More information about this error may be available in the server error log.
Apache/2.0.52 (Red Hat) Server at cygwin.com Port 80

On Sun, Dec 12, 2010 at 11:50 AM, Jeffrey Walton <noloader@gmail.com> wrote:
> ?"[1 = 1]" gets an Internal Server error. The PHP is probably trying
> to cough up everything....
>
> On Sun, Dec 12, 2010 at 11:44 AM, Jeffrey Walton <noloader@gmail.com> wrote:
>> BTW, Since the web interface tried to interpret my input ("Invalid
>> regular expression search string"), this database is probably
>> vulnerable to a SQL injection.
>>
>> GNU just got pwn'd
>>
>> Has anyone tried thew 1 =1 trick lately? Are passwords residing in
>> another table?
>>
>> Jeff
>>
>> Am 12.12.2010 12:29, schrieb Jeffrey Walton:
>>> Hi Guys,
>>>
>>> The executable name is suspicious at best. Attempting to search
>>
>> On the contrary, it's a standard utility mentioned in IEEE Std 1003.1.
>>
>>> http://cygwin.com/packages/ results in an error "Invalid regular
>>> expression search string: `[.exe`". Quotes, double quotes, and back
>>> ticks do not help during the search.
>>
>> Problem of the web interface.
>>
>>> What is this program supposed to do?
>>
>> The same as "test", except that "[" will expect and consume the closing bracket.
>> ?Used in scripting with shells that don't have [ built-in.
>>
>> Details with "man test" ("man [" is missing on my Cygwin system), or in bash
>> with "help [".
>>
>> --
>> Matthias Andree
>>
>> --
>> Problem reports: ? ? ? http://cygwin.com/problems.html
>> FAQ: ? ? ? ? ? ? ? ? ? http://cygwin.com/faq/
>> Documentation: ? ? ? ? http://cygwin.com/docs.html
>> Unsubscribe info: ? ? ?http://cygwin.com/ml/#unsubscribe-simple
>>
>

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]