Mark Weaver wrote:
while I understand why you'd like proof of concept for the exploit it's
not something I'd post on a public mailing list. Not to mention the
exploit was trashed when I reloaded the system. At the time it didn't
seem expedient for to save that which killed my server for posterity.
security@xxxxxxxxxx is where I'd expect you to post that to.
Also, if you dont know what you are fixing, you dont have anything to
benchmark against 5.2.5 either.
As has already been pointed out in the thread, its highly likely that if
the exploit was via a php app, its going to be an app specific exploit.
Reloading that is going to bring that right back.
Selinux normally helps prevent situations like this.
- KB
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
