WARNING:DO NOT UPGRADE TO CORE 4
Matthew Saltzman
mjs at ces.clemson.edu
Fri Jul 15 11:11:09 UTC 2005
On Fri, 15 Jul 2005, Paul Howarth wrote:
> The second most common exploit attack I see on my server after the ssh
> password-guessing attack is an attempted awstats exploit where the
> attacker tries to download a rootkit into /tmp and run it from there. If
> I was running a vulnerable awstats installation (i.e. all of them until
> recently - I hope this bug is actually fixed in the current release but
> I don't know as I don't use it), mounting /tmp noexec would have saved
> me.
It is (that one anyway...).
--
Matthew Saltzman
Clemson University Math Sciences
mjs AT clemson DOT edu
http://www.math.clemson.edu/~mjs
More information about the fedora-list
mailing list