Re: [users@httpd] Possible apache security hole??


 



Server: Apache/2.0.47 (Unix) mod_ssl/2.0.47 OpenSSL/0.9.7a DAV/2 PHP/4.3.6 mod_jk/1.2.4

Thanks.

I had a similar problem and was advised by someone (who knows a bit more than I do) that I should upgrade PHP. I now run PHP 5.0.3. Apparently there is a security issue with earlier PHP versions.

Gene

There are some flaws with older PHP versions, BUT upgrading doesn't guarantee that you'll be safe. I'm almost sure you have some unsafe site on your webserver which allows uploading files in an insecure manner, and after that, passing some commands is easy. This flaw is commonly used with sites that were programmed badly with register_globals = on, or that don't check the input on includes with vars, or some other file functions.

Look at your error log. If you see something about wget, or files uploading, you were "hacked" this way.




---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
  "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
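
The error-log check suggested in the last reply, sketched as an added example that is not part of the original thread. It relies on output from processes spawned by a script landing in the Apache error log without the usual `[date] [level]` prefix; the patterns and the sample log lines are constructed assumptions to tune against your own logs.

```python
import re

# Apache 2.0 error-log prefix, e.g. "[Sat Feb 12 03:14:07 2005] [error] ..."
APACHE_PREFIX = re.compile(r"^\[\w{3} \w{3} [ \d]\d \d\d:\d\d:\d\d \d{4}\] \[\w+\]")

# Heuristic patterns (assumptions). Unprefixed lines are raw stderr of child processes.
RAW_STDERR = [
    ("wget output", re.compile(r"^--\d\d:\d\d:\d\d--\s+\S+://|^Resolving \S+|\bsaved \[\d+")),
    ("curl output", re.compile(r"^\s*% Total\s+% Received|^curl: \(\d+\)")),
    ("shell error", re.compile(r"^sh: .*(not found|Permission denied)")),
]
PREFIXED = [
    ("downloader named in logged message", re.compile(r"\b(wget|curl|lynx|fetch)\b", re.I)),
    ("remote URL passed to include/require",
     re.compile(r"\b(include|require)(_once)?\(\s*['\"]?(https?|ftp)://", re.I)),
    ("upload handling warning", re.compile(r"move_uploaded_file|upload_tmp_dir", re.I)),
]

# Constructed sample log (documentation addresses, hypothetical paths and file names).
SAMPLE = """\
[Sat Feb 12 03:14:01 2005] [error] [client 192.0.2.10] File does not exist: /var/www/html/favicon.ico
[Sat Feb 12 03:14:05 2005] [error] [client 192.0.2.10] PHP Warning:  include(http://203.0.113.5/x.txt): failed to open stream in /var/www/html/index.php on line 12
--03:14:07--  http://203.0.113.5/tool.tgz
           => `tool.tgz'
Resolving 203.0.113.5... done.
03:14:08 (51.2 KB/s) - `tool.tgz' saved [10240/10240]
sh: line 1: gcc: command not found
[Sat Feb 12 03:20:00 2005] [notice] caught SIGTERM, shutting down
""".splitlines()

def scan_error_log(lines):
    """Return (line_number, reason, text) for each suspicious error-log line."""
    findings = []
    for n, line in enumerate(lines, 1):
        line = line.rstrip("\n")
        if not line.strip():
            continue
        # Prefixed lines are Apache/PHP messages; everything else is child stderr.
        rules = PREFIXED if APACHE_PREFIX.match(line) else RAW_STDERR
        for reason, pat in rules:
            if pat.search(line):
                findings.append((n, reason, line))
                break
    return findings

if __name__ == "__main__":
    for n, reason, text in scan_error_log(SAMPLE):
        print(f"line {n}: {reason}: {text}")
```

A hit only says where to look next: match the timestamp and client address against the access log to find the script and request that triggered it.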



