[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] Backdoor over http(s)??



I have got in /cgi-bin/ directory:

-neomail (1.26)
-openwebmail (2.30)
-SuSE things
-sanecgi

but nothing else.

And I have Phpnuke 6.9 (?? PHP ??)
-----
Ok, somebody could use wget, but what about the .do.sh -->
how was it possible, to execute it?


Tibor

On Tue, 13 Jan 2004 10:33:27 -0500 (EST), Rick Green wrote
> Before you get too involved in analysing the content of the file 
> that was imported to your machine, you may want to close the 
> facility that allowed the download in the first place!  What have 
> you got in your cgi-bin directory that allows arbitrary use of wget?
> 
> -- 
> Rick Green
> 
> "They that can give up essential liberty to obtain a little
>  temporary safety, deserve neither liberty nor safety."
>                                   -Benjamin Franklin




-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here