[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [suse-security] Backdoor over http(s)??
Mátyás Tibor wrote:
First off, there was a "backdoor" during 2003 (dont remember when) in
the SSL-libs. Which could be used via Apache to put files in the /tmp
dir... (I know this cause I found such files myself)
And I have Phpnuke 6.9 (?? PHP ??)
PHPNuke is ridden with security flaws, 6.9 have had securitypatches for
admin.php, the weblinks & downloads modules. Depends on if you patch
your server or not...
Ok, somebody could use wget, but what about the .do.sh -->
how was it possible, to execute it?
/tmp is a executable directory, isn't it?!
Normally "hackers" who gain access through some backdoor needs to gain
access to the machine, then try to execute a lot of tests to see if any
local exploits are available to see if they can get root-access.
My own experience a month back told me so (an old RH 7.0 machine got hacked)
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here