symlink race condition triggered by IP address
Hi,
I'm running EA4 and have Symlink Protection on and I keep on seeing entries in the lfd log for:
symlink race condition triggered by xxx.xxx.xxx.xxx
These are all for one WordPress website and I know that the users involved are trustworthy
The entries in my Apache error log are as such and all relate to the use of mailman
[Mon Jun 25 10:19:35.740170 2018] [core:error] [pid 22650] [client XXX.XXX.XXX.XXX:62127] Caught race condition abuser. attacker: 1012, victim: 0 open file owner: 0, open file: /usr/local/cpanel/img-sys/mailman.jpg, referer:
[Mon Jun 25 10:19:35.771963 2018] [core:error] [pid 23129] [client XXX.XXX.XXX.XXX:62130] Caught race condition abuser. attacker: 1012, victim: 0 open file owner: 0, open file: /usr/local/cpanel/img-sys/PythonPowered.png, referer:
[Mon Jun 25 10:20:20.929152 2018] [core:error] [pid 19756] [client XXX.XXX.XXX.XXX:62157] Caught race condition abuser. attacker: 1012, victim: 0 open file owner: 0, open file: /usr/local/cpanel/img-sys/PythonPowered.png, referer:
[Mon Jun 25 10:20:28.421186 2018] [core:error] [pid 24425] [client XXX.XXX.XXX.XXX:62165] Caught race condition abuser. attacker: 1012, victim: 0 open file owner: 0, open file: /usr/local/cpanel/img-sys/mailman.jpg, referer:
[Mon Jun 25 10:20:28.440335 2018] [core:error] [pid 20568] [client XXX.XXX.XXX.XXX:62169] Caught race condition abuser. attacker: 1012, victim: 0 open file owner: 0, open file: /usr/local/cpanel/img-sys/gnu-head-tiny.jpg, referer:
Please sign in to leave a comment.
Comments
0 comments