[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Debian Stable server hacked

----- Original Message ----- 
From: "Thijs Welman" <thijs@balpol.tudelft.nl>
To: <debian-security@lists.debian.org>
Sent: Wednesday, August 06, 2003 5:56 PM
Subject: Re: Debian Stable server hacked

> Thanx for the replies so far.
> Thought of that myself. Checked the apache logfiles and went through the
> scripts... i don't have any 'candidates' besides Horde-2.1/Imp-3.1 and
> squirrelmail-1.4.0. But then there's still the www-data -> root

It is possible to write harmful php code which executes code on your server,
and use that to trigger a local root exploit. I've seen one of those
attempts one of my webservers, which tried to trigger a kernel exploit.
Luckily we upgraded that kernel some days before the attempt.



Reply to: