Hello,

Not sure if this is new to you but

213.96.25.30 - - [05/Mar/2009:19:22:14 +0100] "POST
/roundcube/bin/html2text.php HTTP/1.0" 406

and as a result a non-empty directory /tmp/guestbook.ntr/ is created
and a file /tmp/guestbook.php (which then causes issues with the
operating system).

This html2text.php file has been used by an attacker on my system (at
least I think so). I have removed roundcube from my system and since
then I have had no trouble, although they have been scanning for this
file as I read from the logs.

Yours,

-- 
Zbigniew Szalbot
www.slowo.pl
www.fairtrade.net.pl
_______________________________________________
List info: http://lists.roundcube.net/users/

Reply via email to