Description of problem: We get regular (false positive) warning mails about somebody mirroring some DAG phpmyadmin RPMs from us..: !!!! 2 possible successful probes /dag/redhat/el4/en/i386/dag/RPMS/phpmyadmin-2.11.9.2-1.el4.rf.noarch.rpm HTTP Response 200 Modifying the "http" logwatch script slightly gets rid of these: --- services/http~ 2008-10-02 09:00:57.000000000 +0200 +++ services/http 2008-10-02 09:41:26.000000000 +0200 @@ -157,3 +157,3 @@ 'owssvr\.dll', - 'phpmyadmin', + 'phpmyadmin.*\/', 'root\.exe', To my understanding, any real use of phpmyadmin (if installed under this name) will involve accessing the individual php scripts installed under that path, i.e. include a directory separator in the URL. Version-Release number of selected component (if applicable): RHEL5:logwatch-7.3-6.el5.noarch RHEL4:logwatch-5.2.2-4.el4.noarch How reproducible: always Steps to Reproduce: 1. serve a phpmyadmin RPM 2. get warning mail from logwatch
The problem is already fixed in logwatch-7.3-6.el5.
Development Management has reviewed and declined this request. You may appeal this decision by reopening this request.