[Pkg-awstats-devel] Bug#353932: machine compromised with awstats.pl?configdir

Ben Hutchings ben at decadentplace.org.uk
Sun Mar 5 00:37:15 UTC 2006


Eddie Tejeda <eddietejeda at nailchipper.com> wrote:
> Someone was able to install zbind on my machine using the following scripts.
> The damage was limited to www-data, a restricted user, and logs were able
> to monitor behaviour, but posed a large threat.
<snip>

I notice that the attacker tried a number of different URLs.  Is it
possible that there was a second version of awstats installed, aside
from the packaged version, and that that was vulnerable to the configdir
exploit?

Ben.

-- 
Ben Hutchings
Everything should be made as simple as possible, but not simpler.
                                                           - Albert Einstein