On Thu, Sep 18, 2003 at 03:02:04PM +0200, Markus Schabel wrote: > Christian Storch wrote: > >- security updates all up to date? > > the same state as DSA announcements
Including your kernel? > >- known unclosed security hole? > > It seems that it was possible to upload & execute .php-files somewhere > (phpshell.php) Yes, this would appear to be how they got a shell, but not root (which they clearly had also). -- - mdz