https://issues.apache.org/bugzilla/show_bug.cgi?id=50561
Summary: root/shell exploit via httpd
Product: Apache httpd-2
Version: 2.1-HEAD
Platform: PC
OS/Version: Linux
Status: NEW
Severity: critical
Priority: P2
Component: All
AssignedTo: [email protected]
ReportedBy: [email protected]
my server was hacked by "brunei" aka iskorpitx, but i was on the server when it
happenned, i was able to knock him out by 'pkill httpd'
He uploaded a bunch of files to the server, and my guess is he was gonna delete
them before he left, its the scripts he uses to root RHEL servers, because i
booted him he had to leave them behind.
this is probably the same script set used to compromise several of godaddy.com
servers.
My server is reinstalling a boat load of RPMs right now, i will grab the
archive of his scripts and attach when the chance arises.
Brentt Graeb
Lead Admin
[email protected]
602-616-3487
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
