On 01/11/2012 09:10 PM, Jaco Kroon wrote:
On 11/01/12 21:35, Jeroen Geilman wrote:
In /var/log/httpd/error_log I see hink like this
sh: del comand no found
sh: xx Permission denied
I need help !
1. Stop apache.
2. investigate which leaky, creaky or lousy PHP script allowed this
exploit.
3. remove the bad script.
4. Remount /tmp with noexec,nosuid,nodev to prevent the majority of
these types of exploits.
Surely you noticed that I did not advise him to turn it back on - at all
? ;)
But yes, distros that don't protect /tmp suck.
--
J.
