----- Original Message ----- From: "Thijs Welman" <[EMAIL PROTECTED]> To: <debian-security@lists.debian.org> Sent: Wednesday, August 06, 2003 5:56 PM Subject: Re: Debian Stable server hacked
> Thanx for the replies so far. > [...] > > Thought of that myself. Checked the apache logfiles and went through the > scripts... i don't have any 'candidates' besides Horde-2.1/Imp-3.1 and > squirrelmail-1.4.0. But then there's still the www-data -> root question... > It is possible to write harmful php code which executes code on your server, and use that to trigger a local root exploit. I've seen one of those attempts one of my webservers, which tried to trigger a kernel exploit. Luckily we upgraded that kernel some days before the attempt. Regards, Teun
