HTTP_chown command attempt

 

Code: p632

Severity: Warning

 

Description: Attempted chown command access via web

Impact: Attempt to change file ownership permissions on a webserver.

Corrective: Webservers should not be allowed to view or execute files and binaries outside of their designated web root or cgi-bin. Whenever possible, sensitive files and certain areas of the filesystem should have the system immutable flag set to negate the use of the chown command. On BSD derived systems, setting the system's runtime securelevel also prevents the securelevel from being changed. (Note: the securelevel can only be increased.)