tomcat-users mailing list archives

From Jess Holle <je...@ptc.com>
Subject Re: Attacks in Apache servers
Date Thu, 02 May 2013 11:29:25 GMT
http://blogs.cisco.com/security/linuxcdorked-faqs/ claims this is not a 
cPanel vulnerability per se...

On 5/2/2013 6:22 AM, Darryl Lewis wrote:
> "Last Friday (April 26), ESET and Sucuri simultaneously blogged about the
> discovery of Linux/Cdorked, a backdoor impacting Apache servers running
> cPanel." -http://blogs.cisco.com/security/linuxcdorked-faqs/
>
> So it looks like a cPanel application vulnerability, not an Apache
> vulnerability. The title of that first article is simply WRONG.
> And seriously, who manages a site via cPanel? If you use cPanel, maybe
> linux isn't a good fit for you.
>
>
> On 2/05/13 7:48 PM, "Brian Burch" <brian@pingtoo.com> wrote:
>
>> On 02/05/13 09:32, André Warnier wrote:
>>> M Eashwar wrote:
>>>> Hi,
>>>>
>>>>     Anyone attacked with reference to below URL?
>>>>
>>>>
>>>> http://efytimes.com/e1/fullnews.asp?edid=105167&ntype=mor&edate=4/29/2013
>>>>
>>> Never heard of "EFYtimes" before, but considering what I have been
>>> reading lately about bots, I would advise a modicum of caution before
>>> following this link.
>>> (And also maybe a modicum of healthy scepticism about that news article
>>> itself).
>> This vulnerability applies only to apache httpd and is not relevant to
>> tomcat.
>>
>> ALSO, it only applies to apache httpd when installed via a third-party
>> automated management system that is reported to not verify the digital
>> signature of the binary... which would be very negligent.
>>
>> You should always verify apache packages against the published
>> signatures. Although linux distribution rpm and deb packages are
>> automatically verified during installation, we strongly recommend
>> installing packages directly from the official apache distribution
>> servers and then verifying the signature yourself - prior to installation!
>>
>> Regards,
>>
>> Brian
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>>
>
>
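
The advice quoted above, to verify the published signature yourself before installing, shown as an added example that is not part of the thread or of Apache's own tooling. It checks a detached `.asc` signature with `gpg` in a throwaway keyring and also requires the signer to match a pinned fingerprint; the function name, argument order and return codes are assumptions.

```shell
#!/bin/sh
# verify_release ARTIFACT SIGNATURE KEYS_FILE PINNED_FPR   (hypothetical helper)
# Returns 0 only when SIGNATURE is a valid detached OpenPGP signature over
# ARTIFACT made by the key with fingerprint PINNED_FPR; 1 on a failed
# verification; 2 on unusable arguments.
# PINNED_FPR should be obtained from a channel other than the download mirror.
verify_release() {
    artifact=$1 sig=$2 keys=$3 pinned=$4
    [ -r "$artifact" ] && [ -r "$sig" ] && [ -r "$keys" ] || return 2

    # Normalise the pinned fingerprint: drop spaces, upper-case the hex.
    pinned=$(printf '%s' "$pinned" | tr -d ' ' | tr 'a-f' 'A-F')
    [ -n "$pinned" ] || return 2

    # Throwaway keyring, so keys already present on this host cannot
    # influence the result.
    home=$(mktemp -d) || return 2
    chmod 700 "$home"

    out=$(
        GNUPGHOME=$home; export GNUPGHOME
        gpg --batch --quiet --import "$keys" >/dev/null 2>&1 &&
        gpg --batch --status-fd 1 --verify "$sig" "$artifact" 2>/dev/null
    ) || { rm -rf "$home"; return 1; }   # bad signature, unknown key, ...

    # Stop any helper daemons gpg started for the temporary home directory.
    gpgconf --homedir "$home" --kill all >/dev/null 2>&1 || true
    rm -rf "$home"

    # A good signature from *some* key in KEYS_FILE is not enough: require
    # the pinned key. In a VALIDSIG status line the first argument is the
    # signing (sub)key fingerprint and the last is the primary key's.
    printf '%s\n' "$out" | awk -v want="$pinned" '
        $1 == "[GNUPG:]" && $2 == "VALIDSIG" && ($3 == want || $NF == want) { ok = 1 }
        END { exit ok ? 0 : 1 }'
}

# Script usage: ./verify.sh httpd.tar.gz httpd.tar.gz.asc KEYS <fingerprint>
if [ "$#" -eq 4 ]; then
    verify_release "$@"
    exit $?
fi
```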

