osCommerce

active system attack security violations


iLLuSiOnS

Posted

One of my security scripts (suhosin) that alerts me of unusual activity or attempted hacks or vulnerabilities is going crazy and reporting that oscommerce is getting attacked because of a vulnerability. Please help me fix it.

 

ALERT - configured request variable name length limit exceeded - dropped variable 'amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;language' (attacker '66.249.71.xxx', file '/home/user/public_html/product_info.php')

 

How can I fix this?

 

Thank you.

Posted

Looks like you have a looping request .. .htaccess rewrite rules?

 

Or it could be tep_redirect try ..

 

includes/functions/general.php

 

Find: -

 

function tep_redirect

 

Find in the function ..

 

header('Location: ' . $url);

 

Replace with ..

 

// Collapse HTML-escaped ampersands so the Location header carries a plain '&'
$url = str_replace('&amp;', '&', $url);
header('Location: ' . $url);
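
An added example, not part of the original posts or of osCommerce's code: in Python, how repeated escaping of a link produces the `amp;amp;...language` variable name in the alert, what a single `&amp;` to `&` replacement does to it, and how to split a Suhosin alert line into its `amp;` depth and real parameter. The sample URL, the IP address and all function names are constructed for illustration.

```python
import html
import re

# Alert layout as quoted in the first post of this thread.
ALERT_RE = re.compile(
    r"dropped variable '(?P<name>[^']*)' "
    r"\(attacker '(?P<ip>[^']*)', file '(?P<file>[^']*)'\)"
)

def escape_rounds(url, rounds):
    """HTML-escape a URL `rounds` times without decoding it in between,
    which is what a redirect/link loop does to an already-escaped link."""
    for _ in range(rounds):
        url = html.escape(url, quote=False)
    return url

def param_names(url):
    """Variable names the server sees: the query string is split on a bare '&'."""
    query = url.partition("?")[2]
    return [pair.partition("=")[0] for pair in query.split("&") if pair]

def one_pass_fix(url):
    """Python equivalent of the thread's str_replace('&amp;', '&', $url)."""
    return url.replace("&amp;", "&")

def triage(alert_line):
    """Split a dropped variable name into its 'amp;' depth and real parameter."""
    m = ALERT_RE.search(alert_line)
    if m is None:
        return None
    name, depth = m.group("name"), 0
    while name.startswith("amp;"):
        name, depth = name[4:], depth + 1
    return {"param": name, "amp_depth": depth,
            "ip": m.group("ip"), "file": m.group("file")}

# Constructed sample input (hypothetical URL and documentation IP address).
SAMPLE_URL = "product_info.php?products_id=5&language=en"
SAMPLE_ALERT = ("ALERT - configured request variable name length limit exceeded - "
                "dropped variable 'amp;amp;amp;language' (attacker '192.0.2.10', "
                "file '/home/user/public_html/product_info.php')")

if __name__ == "__main__":
    looped = escape_rounds(SAMPLE_URL, 3)
    print(param_names(looped))                # name carries three 'amp;' prefixes
    print(param_names(one_pass_fix(looped)))  # one pass strips only one level
    print(triage(SAMPLE_ALERT))
```

A dropped name that reduces to a parameter the shop really uses, such as `language`, with a non-zero `amp;` depth fits the looping-request diagnosis; links that have already been escaped several times keep one fewer `amp;` after each single replacement pass.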

Posted

Wow, thanks for the quick reply. I made the changes. I will know in an hour whether or not it worked, because I get the emails of this error every hour. I'm crossing my fingers.

Posted
Darn it, that didn't work, still getting the errors. Any other suggestions?

 

Probably a redirect in .htaccess then but it does look like a looping redirect.

Posted

This is what my .htaccess file looks like:

 

Options +FollowSymLinks
RewriteEngine On 
RewriteBase /

RewriteRule ^(.*)-p-(.*).html$ product_info.php?products_id=$2&%{QUERY_STRING}
RewriteRule ^(.*)-c-(.*).html$ index.php?cPath=$2&%{QUERY_STRING}
RewriteRule ^(.*)-m-([0-9]+).html$ index.php?manufacturers_id=$2&%{QUERY_STRING}
RewriteRule ^(.*)-pi-([0-9]+).html$ popup_image.php?pID=$2&%{QUERY_STRING}
RewriteRule ^(.*)-t-([0-9]+).html$ articles.php?tPath=$2&%{QUERY_STRING}
RewriteRule ^(.*)-a-([0-9]+).html$ article_info.php?articles_id=$2&%{QUERY_STRING}
RewriteRule ^(.*)-pr-([0-9]+).html$ product_reviews.php?products_id=$2&%{QUERY_STRING}
RewriteRule ^(.*)-pri-([0-9]+).html$ product_reviews_info.php?products_id=$2&%{QUERY_STRING}
RewriteRule ^(.*)-i-([0-9]+).html$ information.php?info_id=$2&%{QUERY_STRING}

Posted
I'd need to see a link and I'm off to bed now.

Archived

This topic is now archived and is closed to further replies.
