httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 50561] New: root/shell exploit via httpd
Date Sun, 09 Jan 2011 09:57:31 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=50561

           Summary: root/shell exploit via httpd
           Product: Apache httpd-2
           Version: 2.1-HEAD
          Platform: PC
        OS/Version: Linux
            Status: NEW
          Severity: critical
          Priority: P2
         Component: All
        AssignedTo: bugs@httpd.apache.org
        ReportedBy: webmaster@graebtech.com


my server was hacked by "brunei" aka iskorpitx, but i was on the server when it
happenned, i was able to knock him out by 'pkill httpd'

He uploaded a bunch of files to the server, and my guess is he was gonna delete
them before he left, its the scripts he uses to root RHEL servers, because i
booted him he had to leave them behind.

this is probably the same script set used to compromise several of godaddy.com
servers.

My server is reinstalling a boat load of RPMs right now, i will grab the
archive of his scripts and attach when the chance arises.

Brentt Graeb
Lead Admin
webmaster@graebtech.com
602-616-3487

-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message