[ale] Apache exploit
Beddingfield, Allen
allen at ua.edu
Tue Apr 2 16:10:13 EDT 2013
I was just wondering if any of you had encountered this one/were aware of it. I don't see any references to CVE's or hard details, aside from the analysis in the third link. Maybe it is time to move putting Apparmor around Apache on our web servers higher to the top of the to-do list.
http://arstechnica.com/security/2013/04/exclusive-ongoing-malware-attack-targeting-apache-hijacks-20000-sites/
https://news.ycombinator.com/item?id=5479812
http://malwaremustdie.blogspot.com/2013/03/the-evil-came-back-darkleechs-apache.html
Allen B.
--
Allen Beddingfield
Systems Engineer
The University of Alabama
More information about the Ale
mailing list