[BlueOnyx:14232] PHP Exploit on different BO5108
Joachim Klein
j.klein at ibusiness.at
Tue Jan 7 05:28:07 -05 2014
Hy to the List!
I have found an exploit - 2012-1823<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1823>
Is bluonyx affected (with or without installed solarspeed php package)?
I have found some strange behavior on some maschines.
Also with different php-version and all affected with the exploit:
Solarspeed 5.3.8
Solarspeed 5.3.19-1
php-5.3.3-27.el6_5.x86_64 (original)
Nothing found for now:
Solarspeed 5.3.26-1
All the same plattform - BO 5108
Linux servername.domain.com 2.6.32-431.1.2.el6.x86_64 #1 SMP Thu Dec 12 13:59:19 CST 2013 x86_64 x86_64 x86_64 GNU/Linux
Can someone help me to find where the attack came from?
Thanks
Joachim
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.blueonyx.it/pipermail/blueonyx/attachments/20140107/4262f4bc/attachment.html>
More information about the Blueonyx
mailing list