The latest version is 2.0.50 http://httpd.apache.org/ .
If you are running any previous versions, you are a target for a hacker. You should also check to make sure you are running latest kernel as well as latest shell. You should have a security expert look at the machine, and if you can't afford one, consider formatting the machine and re-installing. Pierre Grandmaison ([EMAIL PROTECTED]) Zenutech Fredericton, NB, Canada Toll-Free: 1-866-ZENUTECH (936-8832) Local Ph: (506) 471-7504 Fax: (647) 439-0945 AIM: ZenuPierre MSN: [EMAIL PROTECTED] ICQ: 27313824 Yahoo!: zenupierre -------------------------------------------- Check us out @ www.zenutech.com -------------------------------------------- -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of LaRoy McCann Sent: Monday, August 23, 2004 1:45 PM To: [EMAIL PROTECTED] Subject: [Apache-FP] web server hacked I have a buddy that is running RH9.0 with Apache 2.0.40 with FP extentions. His web server got hacked into. They replaced the index page. They had their name of "Total Cha0s" on the index page. Anyone know of a bug in apache that will allow this? Here is a listing of the files they placed in the tmp dir. [EMAIL PROTECTED] tmp]# ll total 488 -rw-r--r-- 1 apache apache 757 Aug 22 00:20 dc.pl -rwxrwxrwx 1 apache apache 19242 Aug 18 14:38 r0nin -rw------- 1 apache apache 93 Aug 17 08:29 sess_bd2f85b4f15f7471f989baa66cdc2cbb -rwxrwxrwx 1 apache apache 0 Aug 21 15:31 xiit -rwxr-xr-x 1 apache apache 463529 Aug 22 00:21 xpl_brk _______________________________________________ Apache-FP mailing list [EMAIL PROTECTED] http://lists.joshie.com/mailman/listinfo/apache-fp Donations: http://www.amazon.com/paypage/PT5LZITM9L227
