tomcat-users mailing list archives

From Darryl Lewis <>
Subject Re: Attacks in Apache servers
Date Thu, 02 May 2013 11:22:05 GMT
"Last Friday (April 26), ESET and Sucuri simultaneously blogged about the
discovery of Linux/Cdorked, a backdoor impacting Apache servers running
cPanel." -

So it looks like a cPanel application vulnerability, not an Apache
vulnerability. The title of that first article is simply WRONG.
And seriously, who manages a site via cPanel? If you use cPanel, maybe
Linux isn't a good fit for you.

On 2/05/13 7:48 PM, "Brian Burch" <> wrote:

>On 02/05/13 09:32, André Warnier wrote:
>> M Eashwar wrote:
>>> Hi,
>>>    Anyone attacked with reference to below URL?
>> Never heard of "EFYtimes" before, but considering what I have been
>> reading lately about bots, I would advise a modicum of caution before
>> following this link.
>> (And also maybe a modicum of healthy scepticism about that news article
>> itself).
>This vulnerability applies only to apache httpd and is not relevant to
>ALSO, it only applies to apache httpd when installed via a third-party
>automated management system that is reported to not verify the digital
>signature of the binary... which would be very negligent.
>You should always verify apache packages against the published
>signatures. Although linux distribution rpm and deb packages are
>automatically verified during installation, we strongly recommend
>installing packages directly from the official apache distribution
>servers and then verifying the signature yourself - prior to installation!
>To unsubscribe, e-mail:
>For additional commands, e-mail:

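An added example, not part of the original thread and not Apache's own tooling, of the manual signature check recommended in the quoted reply above. It assumes GnuPG 2.x, a detached .asc signature and the project's published KEYS file; the function name verify_release and all file names are hypothetical.

```shell
#!/bin/sh
# verify_release ARTIFACT SIGNATURE KEYS [FINGERPRINT]
# Returns 0 only if SIGNATURE is a good detached signature over ARTIFACT
# made by a key imported from KEYS (and matching FINGERPRINT, if given).
# Returns 1 on a rejected signature, 2 on missing inputs or missing gpg.
verify_release() {
    artifact=$1 sig=$2 keys=$3 want_fpr=${4:-}

    for f in "$artifact" "$sig" "$keys"; do
        [ -r "$f" ] || { echo "missing input: $f" >&2; return 2; }
    done
    command -v gpg >/dev/null 2>&1 || { echo "gpg not installed" >&2; return 2; }

    # Throwaway keyring: only keys from the KEYS file can satisfy the
    # check, never whatever already sits in the caller's ~/.gnupg.
    home=$(mktemp -d) || return 2
    chmod 700 "$home"

    status=$(
        GNUPGHOME=$home gpg --batch --quiet --import "$keys" 2>/dev/null
        GNUPGHOME=$home gpg --batch --status-fd 1 \
            --verify "$sig" "$artifact" 2>/dev/null
    )
    gpgconf --homedir "$home" --kill all >/dev/null 2>&1 || true
    rm -rf "$home"

    # Parse machine-readable status lines instead of trusting the exit code.
    # GOODSIG marks a good signature (expired or revoked keys are reported
    # as EXPKEYSIG / REVKEYSIG instead); the last field of VALIDSIG is the
    # primary key fingerprint.
    fpr=$(printf '%s\n' "$status" | awk '
        $1 == "[GNUPG:]" && $2 == "GOODSIG"  { good = 1 }
        $1 == "[GNUPG:]" && $2 == "VALIDSIG" { fpr = $NF }
        END { if (good && fpr != "") print fpr }')

    [ -n "$fpr" ] || { echo "REJECT: no good signature on $artifact" >&2; return 1; }

    if [ -n "$want_fpr" ] && [ "$fpr" != "$want_fpr" ]; then
        echo "REJECT: signed by unexpected key $fpr" >&2
        return 1
    fi
    echo "OK: $artifact signed by $fpr"
}

# Usage (placeholder file names), run before unpacking or installing:
#   verify_release httpd-X.Y.Z.tar.bz2 httpd-X.Y.Z.tar.bz2.asc KEYS
```

Fetch the KEYS file and, if used, the expected fingerprint over a different channel than the package itself, since a mirror that can swap the binary can swap a KEYS file sitting next to it.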