Security Basics mailing list archives
RE: apache security newbie
From: "Dominik Kallusky" <D.Kallusky () gmx net>
Date: Tue, 7 Jun 2005 17:37:58 +0200 (MEST)
There are scripts, that scan for the awstats vulnerability? Does anyone know more about that, or has a link?
--- Ursprüngliche Nachricht --- Von: "Vladimir Luna" <vladimir.luna () gmail com> An: <security-basics () securityfocus com> Betreff: RE: apache security newbie Datum: Mon, 6 Jun 2005 18:55:41 +0200 This seams as 'usual' scans for exploit of awstats.pl The most used exploits that i have come by is hacks done on awstats.pl phpbb´s and on ikonboard why its important to update these often, and look if some new security issue has come around regarding those. regarding the phpbb; It is often a PHP/phpbb overflow exploit. They gets an irc bot uploaded into /tmp and uses one of the users to execute it; Being able to execute it using webserver nobody:nobody permissions. They then uses the ircbot to ddos around. Its also known that That systems are often compromised through a Remote Command Execution Vulnerability in awstats 6.1: (or other versions) as explaned on; http://www.idefense.com/application/poi/display?id=185&type=vulnerabilit ies&flashstatus=true This last one is what it seams that they were scanning for in your system to try to exploit. Many times the site from where the scan is being done is compromised machine aswell. I usally reports them back to the isp, wich i recommend that you do. Best regards, _______________________________________ Vladimir Luna Mail: vladimir.luna () gmail com ________________________________________
-- Geschenkt: 3 Monate GMX ProMail gratis + 3 Ausgaben stern gratis ++ Jetzt anmelden & testen ++ http://www.gmx.net/de/go/promail ++
Current thread:
- apache security newbie voyager123bg (Jun 06)
- RE: apache security newbie Vladimir Luna (Jun 06)
- RE: apache security newbie Dominik Kallusky (Jun 08)
- RE: apache security newbie Vladimir Luna (Jun 08)
- RE: apache security newbie Dominik Kallusky (Jun 08)
- <Possible follow-ups>
- RE: apache security newbie Vladimir Luna (Jun 08)
- RE: apache security newbie Vladimir Luna (Jun 06)