On Tue, 21 Dec 2004 00:23:02 -0600, Ron Johnson <[EMAIL PROTECTED]> wrote: > On Tue, 2004-12-21 at 11:43 +1300, Simon Buchanan wrote: > [snip] > > this is wierd, you cant ssh into the box. its got pureftpd/apache/php/mysql > > running on it. with only ftp/http ports open, all else firewalled out.... > > So, either: > a) there's a root-exploitation bug in pureftpd > b) there's a root-exploitation bug in apache > c) there's a root-exploitation bug in php > d) you misconfigured pureftpd > e) you misconfigured apache > e) you misconfigured php > > Why are you using an ftpd on a development box? That's a major > sin right there. >
IIRC i've read somewhere (but can't find the link) to a php vulnerability. Seems he isn't alone: http://groups-beta.google.com/groups?q=NeverEverNoSanity&hl=en&lr=&c2coff=1&sa=N&tab=wg Andrea -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
