[CentOS] Exploit 'in the wild' for Trixbox
Nigel Kendrick
support-lists at petdoctors.co.ukSun Jul 20 16:13:15 UTC 2008
- Previous message: [CentOS] crontab for nobody
- Next message: [CentOS] moving software RAIDed disks to other machine
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Just in case anyone else needs to know - there's an exploit 'in the wild' for Trixbox (which is CentOS based) that allows malicious code to be installed on a server. I discovered that one of my Trixbox servers was running 3 instances of a perl-based IRC botnet process called httpdse and this was pegging the CPU at 100%. Notes, comments, removal instructions, patches etc. here: http://trixbox.org/forums/trixbox-forums/open-discussion/critical-remote-roo t-exploit-trixbox-wild Guess that teaches me not to open the Trixbox Web interface to the world. Regards, Nigel Kendrick
- Previous message: [CentOS] crontab for nobody
- Next message: [CentOS] moving software RAIDed disks to other machine
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list