[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ale] Apache exploit



I was just wondering if any of you had encountered this one/were aware of it.  I don't see any references to CVE's or hard details, aside from the analysis in the third link.  Maybe it is time to move putting Apparmor around Apache on our web servers higher to the top of the to-do list.


http://arstechnica.com/security/2013/04/exclusive-ongoing-malware-attack-targeting-apache-hijacks-20000-sites/

https://news.ycombinator.com/item?id=5479812

http://malwaremustdie.blogspot.com/2013/03/the-evil-came-back-darkleechs-apache.html

Allen B.
--
Allen Beddingfield
Systems Engineer
The University of Alabama