Eddie Tejeda <[EMAIL PROTECTED]> wrote: > Someone was able to install zbind on my machine using the following scripts. > The damage was limited to www-data, a restricted user, and logs were able > to monitor behaviour, but posed a large threat. <snip>
I notice that the attacker tried a number of different URLs. Is it
possible that there was a second version of awstats installed, aside
from the packaged version, and that that was vulnerable to the configdir
exploit?
Ben.
--
Ben Hutchings
Everything should be made as simple as possible, but not simpler.
- Albert Einstein
signature.asc
Description: This is a digitally signed message part
