Similar problem? http://www.mail-archive.com/[email protected]/msg48905.html
Solved. http://www.mail-archive.com/[email protected]/msg48956.html If Tomcat user had very restrictive privileges and you can verify that it could not have written to anything else on disk, maybe you should remove all files of the Tomcat system including the application and all webapps, remove the tomcat user, and create a new user and reinstall everthing. If the fexcep that was installed was capable of over-writing anything in /bin or /lib or anything at all that you cannot verify or be sure of - it's likely time to reinstall the system. David Kaiser wrote: > http://www.mail-archive.com/[email protected]/msg49002.html > > Ann Richmond wrote: > >> Hi, its Ann Richmond. >> A few weeks ago we found some applications had been installed under >> tomcat on a few servers. The war file was there as well as the expanded >> apps. >> here are the names, tho we think they are all the same: >> fexsshel >> fexcep >> fexcepshell >> fexception >> fexcepspshell >> >> They were on 3 different servers, not all 3 had all 5 apps installed. >> The servers are running red hat , 2 with tomcat 4 and RHEL ES 3, and 1 >> with tomcat 5 and RHEL 5. >> >> The servers are physically at 3 different locations in different parts >> of the country and have totally different IPs >> >> we removed the apps and changed all the tomcat user names and passwords. >> >> Today we found fexsshel back on one of the systems. >> >> We can't find anything on google, wondering if anyone had come across this. >> >> thanks >> Ann Richmond >> >> >> _______________________________________________ >> LinuxUsers mailing list >> [email protected] >> http://socallinux.org/cgi-bin/mailman/listinfo/linuxusers >> >> > > _______________________________________________ > LinuxUsers mailing list > [email protected] > http://socallinux.org/cgi-bin/mailman/listinfo/linuxusers >
