We do use PHP but we do not use any program to manage the PHP.  So nothing
should have apache permissions to write and execute.

Still searching...

Doug

-----Original Message-----
From: tclug-list-bounces at mn-linux.org
[mailto:tclug-list-bounces at mn-linux.org]On Behalf Of linuxguy
Sent: Thursday, March 04, 2004 3:58 PM
To: TCLUG Mailing List
Subject: Re: [TCLUG] Attack



>>>It is an email and web server.
>>>
>>>
>>>
Does it happen to be running PHPNuke or anything similar to that?

PHPNuke and other web content portals can have holes in them that allow
users to view your /etc/passwd file or basically any file on your
filesystem that your apache user can view.

_______________________________________________
TCLUG Mailing List - Minneapolis/St. Paul, Minnesota
http://www.mn-linux.org tclug-list at mn-linux.org
https://mailman.real-time.com/mailman/listinfo/tclug-list



_______________________________________________
TCLUG Mailing List - Minneapolis/St. Paul, Minnesota
http://www.mn-linux.org tclug-list at mn-linux.org
https://mailman.real-time.com/mailman/listinfo/tclug-list