Cannot execute CGI programs in /cgi-bin with Apache

Cannot execute CGI programs in /cgi-bin with Apache

Post by Alexander Skwa » Tue, 25 Jun 2002 04:44:26


I'm unable to run any CGI programs from /cgi-bin/ using the Mandrake
apache-1.3.24-2mdk RPM on a MandrakeLinux Cooker system.  However, if I
put the same program into ~user/public_html/cgi-bin and access it via
http://localhost/~user/cgi-bin/prg, it runs fine.  The file is set to
executable in both directories.

My /etc/httpd/conf/commonhttpd.conf contains (amongst much more):

<Directory />
  Options -All -Multiviews
  AllowOverride None
  Order deny,allow
  Deny from all

<IfModule mod_alias.c>
    ScriptAlias /cgi-bin/ /var/www/cgi-bin/

<Directory /var/www/cgi-bin>
    AllowOverride All
    #Options ExecCGI
    Options +ExecCGI -Includes -Indexes
    SetHandler cgi-script

<Directory /home/*/public_html/cgi-bin>
     Options +ExecCGI -Includes -Indexes
     SetHandler cgi-script

In the error_log I get:

[Sun Jun 23 18:56:50 2002] [error] [client] client denied by server configuration: /var/www/cgi-bin/foo.php

Any ideas about what's wrong here?

Alexander Skwar
How to quote: (german) (en) - Die gnstige Art an Linux Distributionen zu kommen
                       Uptime: 8 hours 53 minutes


1. /cgi-bin/phf /cgi-bin/test-cgi /cgi-bin/handler

I've been seeing a number of attacks of this sort recently
from various sites in the http logs.  The time correlation
between the logs on various hosts suggests that the attacker
was scanning sequentially upward in IP addresses.  Since all
tcp and udp packets to ports below 1024 except for http,
smtp, and ident are filtered out for most, including the
attacking, sites, I'm not seeing anything else in the logs. - - [04/Jul/1998:07:19:27 -0500] "GET /cgi-bin/phf" 404 - - - [04/Jul/1998:07:19:28 -0500] "GET /cgi-bin/test-cgi" 404 - - - [04/Jul/1998:07:19:28 -0500] "GET /cgi-bin/handler" 404 -

Is this a signature of some known attackware?  If so, what
other attacks accompany these http probes?


2. broken/missing symbolic links

3. Execute cgi outside of cgi-bin

4. 3Dlabs Oxygen 402

5. cgi-bin/view-source?cgi-bin/view-source

6. Using SMIT in X11R4 xterms. A small hint 8-)

7. Cannot execute cgi-bin scripts on Solaris

8. Q: How to find expressions including new-lines

9. Apache: file redirected/aliased to cgi-bin does not execute

10. Executing Superuser commands from Apache cgi-bin

11. apache: give /home/mailman/cgi-bin permissions to run cgi-scripts.

12. apache: cgi script not in cgi-bin

13. scohttp80 will not execute scripts in cgi-bin -Reply