httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject DO NOT REPLY [Bug 50561] New: root/shell exploit via httpd
Date Sun, 09 Jan 2011 09:57:31 GMT

           Summary: root/shell exploit via httpd
           Product: Apache httpd-2
           Version: 2.1-HEAD
          Platform: PC
        OS/Version: Linux
            Status: NEW
          Severity: critical
          Priority: P2
         Component: All

my server was hacked by "brunei" aka iskorpitx, but i was on the server when it
happenned, i was able to knock him out by 'pkill httpd'

He uploaded a bunch of files to the server, and my guess is he was gonna delete
them before he left, its the scripts he uses to root RHEL servers, because i
booted him he had to leave them behind.

this is probably the same script set used to compromise several of

My server is reinstalling a boat load of RPMs right now, i will grab the
archive of his scripts and attach when the chance arises.

Brentt Graeb
Lead Admin

Configure bugmail:
------- You are receiving this mail because: -------
You are the assignee for the bug.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message