Mark Weaver wrote: > while I understand why you'd like proof of concept for the exploit it's > not something I'd post on a public mailing list. Not to mention the > exploit was trashed when I reloaded the system. At the time it didn't > seem expedient for to save that which killed my server for posterity. security at centos.org is where I'd expect you to post that to. Also, if you dont know what you are fixing, you dont have anything to benchmark against 5.2.5 either. As has already been pointed out in the thread, its highly likely that if the exploit was via a php app, its going to be an app specific exploit. Reloading that is going to bring that right back. Selinux normally helps prevent situations like this. - KB