tomcat-users mailing list archives

From Darryl Lewis <darryl.le...@unsw.edu.au>
Subject Re: Attacks in Apache servers
Date Thu, 02 May 2013 11:22:05 GMT
"Last Friday (April 26), ESET and Sucuri simultaneously blogged about the
discovery of Linux/Cdorked, a backdoor impacting Apache servers running
cPanel." -http://blogs.cisco.com/security/linuxcdorked-faqs/

So it looks like a cPanel application vulnerability, not an Apache
vulnerability. The title of that first article is simply WRONG.
And seriously, who manages a site via cPanel? If you use cPanel, maybe
Linux isn't a good fit for you.


On 2/05/13 7:48 PM, "Brian Burch" <brian@pingtoo.com> wrote:

>On 02/05/13 09:32, André Warnier wrote:
>> M Eashwar wrote:
>>> Hi,
>>>
>>>    Anyone attacked with reference to below URL?
>>>
>>> 
>>>http://efytimes.com/e1/fullnews.asp?edid=105167&ntype=mor&edate=4/29/2013
>>>
>>
>> Never heard of "EFYtimes" before, but considering what I have been
>> reading lately about bots, I would advise a modicum of caution before
>> following this link.
>> (And also maybe a modicum of healthy scepticism about that news article
>> itself).
>
>This vulnerability applies only to apache httpd and is not relevant to
>tomcat.
>
>ALSO, it only applies to apache httpd when installed via a third-party
>automated management system that is reported to not verify the digital
>signature of the binary... which would be very negligent.
>
>You should always verify apache packages against the published
>signatures. Although linux distribution rpm and deb packages are
>automatically verified during installation, we strongly recommend
>installing packages directly from the official apache distribution
>servers and then verifying the signature yourself - prior to installation!
>
>Regards,
>
>Brian
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>For additional commands, e-mail: users-help@tomcat.apache.org
>
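
The signature check recommended in the quoted message, sketched as an added example (not code from this thread or from the Apache project). It assumes GnuPG 2.x is installed as `gpg`, that the project's public keys are in a local file (called `KEYS` here), and that the expected signer fingerprint was obtained out-of-band; the function name `verify_release` and all file names are hypothetical.

```shell
#!/bin/sh
# Added example: fail-closed verification of a detached OpenPGP signature
# before installing a downloaded package.
# usage: verify_release ARTIFACT SIGNATURE.asc KEYS EXPECTED_FINGERPRINT
# exit:  0 = good signature from the expected key, 1 = rejected, 2 = setup error
verify_release() (
    artifact=$1 sig=$2 keys=$3
    # Accept the fingerprint with or without spaces, in either case.
    want_fpr=$(printf '%s' "$4" | tr -d ' ' | tr 'abcdef' 'ABCDEF')
    [ -r "$artifact" ] && [ -r "$sig" ] && [ -r "$keys" ] || exit 2

    # Throwaway keyring: only keys from the supplied KEYS file can validate
    # the signature, never whatever already sits in the caller's ~/.gnupg.
    GNUPGHOME=$(mktemp -d) || exit 2
    export GNUPGHOME
    chmod 700 "$GNUPGHOME"
    if ! gpg --batch --quiet --import "$keys" 2>/dev/null; then
        rm -rf "$GNUPGHOME"
        exit 2
    fi

    # Read the machine-readable status lines, not the human-readable text.
    rc=0
    status=$(gpg --batch --status-fd 1 --verify "$sig" "$artifact" 2>/dev/null) || rc=$?
    rm -rf "$GNUPGHOME"
    [ "$rc" -eq 0 ] || exit 1

    # Require GOODSIG, then compare the primary-key fingerprint (last field
    # of VALIDSIG) with the one the caller expects.
    got_fpr=$(printf '%s\n' "$status" | awk '
        $2 == "GOODSIG"  { good = 1 }
        $2 == "VALIDSIG" { fpr = $NF }
        END { if (good) print fpr }')
    [ -n "$got_fpr" ] && [ "$got_fpr" = "$want_fpr" ]
)
```

Pinning the fingerprint matters because a good signature only proves that some key in the imported file signed the download; the comparison ties it to the key you actually expect.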

