Security Breach ?
Thiago Guzella
thiago.guzella at gmail.com
Thu Mar 3 12:57:51 UTC 2005
Well, I'm not sure on the relevance of my comment, but here it goes:
the script is brazilian-portuguese coded...
On Wed, 2 Mar 2005 18:12:05 -0500, Chris Strzelczyk
<cstrzelczyk at nobletechnology.net> wrote:
> Alright well not it's certain I have a friend on my system. I have
> found this file named "https" on my
> system in /tmp
>
> I'm not as PERL savy as I want to be but it does open IRC on the
> server. The file is owned by apache:apache. So it
> looks like my friend is using Apache as a tool. Would anybody have a
> clue on how he could get this in tmp and then run it?
> The file was not set executable either.
>
> #!/usr/bin/perl
> #
> ...
> >
> >
> > --
> > Alexander Dalloz | Enger, Germany | GPG http://pgp.mit.edu 0xB366A773
> > legal statement: http://www.uni-x.org/legal.html
> > Fedora Core 2 GNU/Linux on Athlon with kernel 2.6.10-1.14_FC2smp
> > Serendipity 23:40:52 up 9 days, 10:49, load average: 0.91, 0.56, 0.39
> > --
> > fedora-list mailing list
> > fedora-list at redhat.com
> > To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
>
> --
> fedora-list mailing list
> fedora-list at redhat.com
> To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
>
--
Thiago dos Santos Guzella
Electrical Enginnering Student - UFMG (www.ufmg.br), Brazil
Linux User #354160
UIN: 13465286. Jabber: tguzella @ jabber.org
"Thou, nature, art my goddess; to thy laws my services are bound..."
William Shakespeare
More information about the fedora-list
mailing list