Order a VPS, Semi- dedicated or Dedicated server in Dallas, London or Australia.
Ask our support team about your hosting
requirements.
Host where the staff takes pride in making customers happy
Order a VPS, Semi- dedicated or Dedicated server in Dallas, London or Australia.
Ask our support team about your hosting
requirements.
Host where the staff takes pride in making customers happy
Notice Links:
| Posted | Thu, 31 Oct 2013 00:05 AM UTC
Wed, 30 Oct 2013 20:05 PM EDT |
|---|---|
| Last Update | Thu, 31 Oct 2013 00:47 AM UTC (546 weeks ago)
Wed, 30 Oct 2013 20:47 PM EDT |
| Status | Closed |
We have started seeing a number of exploited servers. The cause appears to be http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1823 We are working to identify the affected server types. Currently it appears to be Debian 3, Debian 3.1, Ubuntu 11.10 or earlier. The work around is to mkdir /root/exploited; mv /usr/lib/cgi-bin/php* /root/exploited/ The fix is to upgrade to a newer/fixed version of php. Given these are older distros, a server reinstall with a recent distro is a good option. Run cat /var/spool/cron/www-data. If you see something like: Then remove that file. On Ubuntu 11.10 we note PHP 5.3.6-13ubuntu3.2 is vulnerable. But after an apt-get update; apt-get upgrade php5-cgi we get 5.3.6-13ubuntu3.10 and we did not find that vulnerable. # | |
Log in to subscribe to changes to this notice.
Set your contact details for future notifications.
RimuHosting : Server hosting service. A Rimu Hosting Ltd business. RimuHosting services include:
© RimuHosting Ltd 2002-2024. Rimuhosting, Launchtime and the Rimuhosting logo are RimuHosting™ trademarks.
