14 Jan
2008
14 Jan
'08
12:25 a.m.
On Sun, Jan 13, 2008 at 02:14:04PM -0500, Mark Weaver wrote:
those patches didn't do much for keeping one of my systems from being breached via php. from the looks of the web server logs as well as the messages log file that's where they got in.
being the anul sort I am I first thought they'd breached the system through ssh, but that wasn't the case.
I'd be willing to bet it was an application-specific hole that was utilized to breach your system.
Ray