www.speadfirefox.com hacked Apache/2.0.52 (Red Hat), vulnerability in RHEL4?
Captain Bubudiu
bubudiu2005 at yahoo.co.uk
Wed Jul 20 16:21:51 UTC 2005
Recently www.spreadfirefox.com was hacked. Mozilla's
e-mail to SpreadFirefox.com users indicated that
Mozilla has now applied security fixes to "the
software that runs the site". Mozilla also reviewed
its security plans to find out why the necessary
security fixes were not previously applied and has now
modified its security plans to help prevent any
further such incident.
I would have though a recently released RHEL4 with
selinux and up2date should suffice.
<------speadfirefox.com headers are
rhel4-------------------->
HTTP/1.1 200 OK
Date: Wed, 02 Mar 2005 22:06:17 GMT
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/4.3.9
Set-Cookie:
PHPSESSID=aa04a24d6b7a7adb2c196ef5dc3c32d9; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate,
post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Wed, 02 Mar 2005 21:45:02 GMT
ETag: "c1703e6e0cfdf9f26c32570550384321"
Connection: close
Content-Type: text/html; charset=utf-8
<------------------------------------------------------------->
More info on the hack http://www.crime-research.org/news/17.07.2005/1368/
----------------------------------------------------------------------
Fedora Core - The power of Open Source Now! Please search the archives and http://fedoraforum.org as the question is likely to have been asked before. RH9 -> FC3 -> FC6 (Jan 2007)
Catch me at http://members.lycos.co.uk/bubudiu/ Ah the beauty of it all!
Cheers
Captain Bubudiu
___________________________________________________________
Yahoo! Messenger - NEW crystal clear PC to PC calling worldwide with voicemail http://uk.messenger.yahoo.com
More information about the fedora-list
mailing list