Security experts today warned of a Linux network worm that exploits holes in the Mambo content management system and the PHP XML-RPC library.
Dubbed Mare.D, the worm leaves multiple backdoors on infected systems. Two of these are connectback shell backdoors that link to a remote host, while a third allows the malware's writer to access and control infected systems via IRC.
Read More
from Raven: Check your security logs and access_logs. I have been diluged with attempts to use the Mambo hack on my site, to no avail of course. If your host does not provide you with an Apache module called mod_security, insist that they get it installed and configured. It's one of the easiest and best tools for stopping so many of these kinds of exploits :)
|
This article comes from Ravens PHP Scripts
https://www.ravenphpscripts.com
The URL for this story is:
https://www.ravenphpscripts.com/modules.php?name=News&file=article&sid=1960
https://www.ravenphpscripts.com
The URL for this story is:
https://www.ravenphpscripts.com/modules.php?name=News&file=article&sid=1960