68_andahalf_68 writes:Security experts today warned of a Linux network worm that exploits holes in the Mambo content management system and the PHP XML-RPC library.
Dubbed Mare.D, the worm leaves multiple backdoors on infected systems. Two of these are connectback shell backdoors that link to a remote host, while a third allows the malware's writer to access and control infected systems via IRC.
Read MoreNote:
from Raven: Check your security logs and access_logs. I have been diluged with attempts to use the Mambo hack on my site, to no avail of course. If your host does not provide you with an Apache module called mod_security, insist that they get it installed and configured. It's one of the easiest and best tools for stopping so many of these kinds of exploits :)
Related
Re: Linux worm turns on Mambo and PHP (Score: 1) |  | any sample of how this attack looks like.... naturaly this sample in txt can be send by pm... :) |
![[Valid RSS]](https://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
