Some of the sites I administer were alledgedly hit by a worm last night. It overwrote all .php/.html files that were owner writable and owned by apache.
We were running apache 2.0.52 and php 4.3.9. Have any of you encounted this before?
php 4.3.9 has several serious security flaws in it. (See here for more info - <http://www.php.net/release_4_3_10.php>). You should have upgrade it ASAP. That's most likely how the script altered the files.
Paul Schmehl ([EMAIL PROTECTED]) Adjunct Information Security Officer The University of Texas at Dallas AVIEN Founding Member http://www.utdallas.edu _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
