Order a VPS, Semi- dedicated or Dedicated server in Dallas, London or Australia.
Ask our support team about your hosting
requirements.
Host where the staff takes pride in making customers happy
Great !.. Thanks I'm very impressed with the quick turnaround time Rimu has!
Notice Links:
Posted | Thu, 31 Oct 2013 00:05 AM UTC
Wed, 30 Oct 2013 20:05 PM EDT |
---|---|
Last Update | Thu, 31 Oct 2013 00:47 AM UTC (548 weeks ago)
Wed, 30 Oct 2013 20:47 PM EDT |
Status | Closed |
We have started seeing a number of exploited servers. The cause appears to be http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1823 We are working to identify the affected server types. Currently it appears to be Debian 3, Debian 3.1, Ubuntu 11.10 or earlier. The work around is to mkdir /root/exploited; mv /usr/lib/cgi-bin/php* /root/exploited/ The fix is to upgrade to a newer/fixed version of php. Given these are older distros, a server reinstall with a recent distro is a good option. Run cat /var/spool/cron/www-data. If you see something like: Then remove that file. On Ubuntu 11.10 we note PHP 5.3.6-13ubuntu3.2 is vulnerable. But after an apt-get update; apt-get upgrade php5-cgi we get 5.3.6-13ubuntu3.10 and we did not find that vulnerable. # |
Log in to subscribe to changes to this notice.
Set your contact details for future notifications.