[ale] awstats & PHPbb compromises over weekend

Bob Toxen transam at verysecurelinux.com
Tue Jul 5 12:37:48 EDT 2005


There have been widespread compromises of Linux systems via security bugs
in awstats and PHPbb since late last week.  These lead to remote compromise
of the user that Apache runs as.

Immediate patching is indicated (or disable these).  See if your system has
unusual activity.

Best regards,

Bob Toxen, CTO
Fly-By-Day Consulting, Inc.
d/b/a Horizon Network Security
"Your expert in Firewalls, Virus and Spam Filters, VPNs,
Network Monitoring, and Network Security consulting"

http://www.verysecurelinux.com       [Network & Linux/Unix Security Consulting]
http://www.realworldlinuxsecurity.com [My 5* book: "Real World Linux Security"]
http://www.verysecurelinux.com/sunset.html                    [Sunset Computer]
bob at verysecurelinux.com (e-mail)

Author,
"Real World Linux Security: Intrusion Detection, Prevention, and Recovery"
2nd Ed., Prentice Hall, (C) 2003, 848 pages, ISBN: 0130464562
Also available in Japanese, Chinese, Czech, and Polish.

If you spend more on coffee than on IT security, you will be hacked.
What's more, you deserve to be hacked.
-- White House cybersecurity adviser Richard Clarke


