[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] Backdoor over http(s)??

I have got in /cgi-bin/ directory:

-neomail (1.26)
-openwebmail (2.30)
-SuSE things

but nothing else.

And I have Phpnuke 6.9 (?? PHP ??)
Ok, somebody could use wget, but what about the .do.sh -->
how was it possible, to execute it?


On Tue, 13 Jan 2004 10:33:27 -0500 (EST), Rick Green wrote
> Before you get too involved in analysing the content of the file 
> that was imported to your machine, you may want to close the 
> facility that allowed the download in the first place!  What have 
> you got in your cgi-bin directory that allows arbitrary use of wget?
> -- 
> Rick Green
> "They that can give up essential liberty to obtain a little
>  temporary safety, deserve neither liberty nor safety."
>                                   -Benjamin Franklin

Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here