[SGVLUG] Linux and php exploit
Tom Emerson
osnut at pacbell.net
Mon Nov 7 21:26:54 PST 2005
On Monday 07 November 2005 20:38, mrflash818 at geophile.net wrote:
> Greets,
>
> I saw a story about a (linux+php) exploit out there
> (http://www.channelregister.co.uk/2005/11/07/linux_worm/).
>
> Didn't know if it might affect our *.net and *.org sgvlug servers....
Well, per http://www.securityfocus.com/bid/14088/info, mambo/joomla is not in
the "vulnerable" nor "not vulnerable" lists, so your guess is as good as mine
on this one. (though I imagine "not likely" -- I don't recall that mambo
does much with xml-rpc)
OTOH, it's good to point it out -- I wouldn't have known about this as I don't
read the "security bulletins" as often as I should (but having said that, I
just fired up the susewatcher to "check for updates now" and I don't see any,
even though I'm running 9.3 on this system [but I might not have xml-rpc
installed "at all", hence "no updates" are found...])
--
Top o' the Blog: Too hot to handle
http://osnut.homelinux.net/mtblog/ya_index.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 240 bytes
Desc: not available
Url : http://www.sgvlug.net/pipermail/sgvlug/attachments/20051107/c8624e9f/attachment.bin
More information about the SGVLUG
mailing list