Re: NeverEverNoSanity WebWorm???????

To: Debian-User <debian-user@lists.debian.org>
Subject: Re: NeverEverNoSanity WebWorm???????
From: Andrea Vettorello <andrea.vettorello@gmail.com>
Date: Tue, 21 Dec 2004 09:17:59 +0100
Message-id: <[🔎] 7d5440240412210017596f47c0@mail.gmail.com>
Reply-to: Andrea Vettorello <andrea.vettorello@gmail.com>
In-reply-to: <[🔎] 1103610182.16288.3.camel@haggis.homelan>
References: <[🔎] BAY14-F14406A42D02B4AC1A79F23C1A20@phx.gbl> <[🔎] 1103610182.16288.3.camel@haggis.homelan>

On Tue, 21 Dec 2004 00:23:02 -0600, Ron Johnson <ron.l.johnson@cox.net> wrote:
> On Tue, 2004-12-21 at 11:43 +1300, Simon Buchanan wrote:
> [snip]
> > this is wierd, you cant ssh into the box. its got pureftpd/apache/php/mysql
> > running on it. with only ftp/http ports open, all else firewalled out....
> 
> So, either:
> a) there's a root-exploitation bug in pureftpd
> b) there's a root-exploitation bug in apache
> c) there's a root-exploitation bug in php
> d) you misconfigured pureftpd
> e) you misconfigured apache
> e) you misconfigured php
> 
> Why are you using an ftpd on a development box?  That's a major
> sin right there.
> 

IIRC i've read somewhere (but can't find the link) to a php vulnerability.

Seems he isn't alone:

http://groups-beta.google.com/groups?q=NeverEverNoSanity&hl=en&lr=&c2coff=1&sa=N&tab=wg


Andrea

Reply to:

References:
- NeverEverNoSanity WebWorm???????
  - From: "Simon Buchanan" <greminnz@hotmail.com>
- Re: NeverEverNoSanity WebWorm???????
  - From: Ron Johnson <ron.l.johnson@cox.net>

Prev by Date: And Now for My Next Frustration - The Printer
Next by Date: Re: And Now for My Next Frustration - The Printer
Previous by thread: Re: NeverEverNoSanity WebWorm???????
Next by thread: Re: NeverEverNoSanity WebWorm???????
Index(es):
- Date
- Thread