Exploit 'in the wild' for Trixbox

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

Just in case anyone else needs to know - there's an exploit 'in the wild'
for Trixbox (which is CentOS based) that allows malicious code to be
installed on a server. I discovered that one of my Trixbox servers was
running 3 instances of a perl-based IRC botnet process called httpdse and
this was pegging the CPU at 100%.

Notes, comments, removal instructions, patches etc. here:

http://trixbox.org/forums/trixbox-forums/open-discussion/critical-remote-roo
t-exploit-trixbox-wild

Guess that teaches me not to open the Trixbox Web interface to the world.

Regards,

Nigel Kendrick

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux