Making sure you guys saw this. ----- Forwarded Message -----
> From: "Geoff Maciolek" <[email protected]> > To: [email protected] > Sent: Sunday, April 12, 2015 5:58:57 PM > Subject: Proable exploited webserver: resources01.phx.ovirt.org > Folks, there's a suspious file I saw when browsing > plain.resources01.phx.ovirt.org > Specifically, _h5ai_research.php appears to be a shell - it identifies itself > as "c99madshell v.2.0 madnet edition" and prompts for login. It is EXTREMELY > unlikely that this is there intentionally. > Distressingly, the file has been there since 2014-09-26. > --Geoff Maciolek > PVDCHosting, LLC > _______________________________________________ > Infra mailing list > [email protected] > http://lists.ovirt.org/mailman/listinfo/infra
_______________________________________________ Infra mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/infra
