Ben Devine wrote:
It might not neccesairly apache with the hole. It could be another program and they have exploited it to alter that image file. Or they guessed the password. lol
Best guess at the SANS Internet Storm Center is that a hole in PHP was exploited: http://isc.sans.org/diary.php?date=2004-11-29
-- "A story, I decided, is anything that keeps http://carey.geek.nz/ the people reading turning the pages, and doesn't leave them feeling cheated at the end. Everything else was up for grabs." -- Neil Gaiman
