"Last Friday (April 26), ESET and Sucuri simultaneously blogged about the discovery of Linux/Cdorked, a backdoor impacting Apache servers running cPanel." -http://blogs.cisco.com/security/linuxcdorked-faqs/
So it looks like an cPanel application vulnerability, not an Apache vulnerability. The title of that first article in simple WRONG. And seriously, who manages a site via cPanel? If you use cPanel, maybe linux isn't a good fit for you. On 2/05/13 7:48 PM, "Brian Burch" <br...@pingtoo.com> wrote: >On 02/05/13 09:32, André Warnier wrote: >> M Eashwar wrote: >>> Hi, >>> >>> Anyone attacked with reference to below URL? >>> >>> >>>http://efytimes.com/e1/fullnews.asp?edid=105167&ntype=mor&edate=4/29/201 >>>3 >>> >> >> Never heard of "EFYtimes" before, but considering what I have been >> reading lately about bots, I would advise a modicum of caution before >> following this link. >> (And also maybe a modicum of healthy scepticism about that news article >> itself). > >This vulnerability applies only to apache httpd and is not relevant to >tomcat. > >ALSO, it only applies to apache httpd when installed via a third-party >automated management system that is reported to not verify the digital >signature of the binary... which would be very negligent. > >You should always verify apache packages against the published >signatures. Although linux distribution rpm and deb packages are >automatically verified during installation, we strongly recommend >installing packages directly from the official apache distribution >servers and then verifying the signature yourself - prior to installation! > >Regards, > >Brian > >--------------------------------------------------------------------- >To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >For additional commands, e-mail: users-h...@tomcat.apache.org > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
