Date: Wed, 27 Feb 2002 08:52:54 -0700 From: "Laurence Brockman" <laurence@fluxinc.com> To: <security@freebsd.org>, <isp@freebsd.org>, <ports@freebsd.org> Subject: Re: HEADS UP: Security Alert For Apache / PHP Webservers Message-ID: <07cb01c1bfa6$d1c99550$3531000a@shaw.ca> References: <DC21C58FDD6FD511952A0002A55CAD634E7874@nlspm003.nl.eds.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Just another heads up as well. Lately on a lot of security lists there is a lot of dis-information being posted. On Security Focus lists there have even been "exploits" posted that in reality are trojans that will open up a root shell on unsuspecting users. So far I have seen these so called advisories (Or really rumours of vulnerabilities) for Apache, SSH2 (Later versions), BIND and SNMPD (UCD-SNMP ver 4.2.2 I think, or ver 4.2.1). Now the SNMPD advisory is real, but the exploits that have been released aren't. So again, be careful with what you believe and run from these lists (As you should always be)... See the following from Blue Boar of the Vuln-Dev list http://online.securityfocus.com/archive/82/258445 Thanks, Laurence ----- Original Message ----- From: "Van Beerschoten, Stephan" <stephan.vanbeerschoten@eds.com> To: <security@freebsd.org>; <isp@freebsd.org>; <ports@freebsd.org> Sent: Wednesday, February 27, 2002 7:14 AM Subject: FW: HEADS UP: Security Alert For Apache / PHP Webservers > I usually don't mail from my corporate account, but this needs some fast > fixing on almost all FreeBSD/apache/php servers. > > -Stephan > <SNIP> > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?07cb01c1bfa6$d1c99550$3531000a>