[Imc-tech] two crises resolved
Zachary C. Miller
zach at chambana.net
Thu Sep 15 03:34:34 CDT 2005
Our system was security compromised as a result of a security
vulnerability in an older version of Drupal installed on one of the
sites that is hosted on imsahp. The attackers only gained access to
the www-data user that the web server runs as. The attackers did not
gain root. They definitely used the access they gained to attempt to
launch attacks on other sites and to send spam. They could have used
the access their gained to write to any world-writable files or files
owned by user or group www-data. Your files are not world-writable or
owned by www-data by default, if you have not explicitly made your
files world-writable then you would not be affected by this. If you
have used the "chmod" command to make your files world-writable then
please change them to more secure permissions.
Please, everyone make sure that if you are running third party web
applications on the server that you keep up to date with security
updates.
Unrelated to the security compromises, we lost the backup disk
yesterday. I have installed a new disk and fresh backups are being run
as we speak.
Thanks!
--
Zachary C. Miller - @= - http://zach.chambana.net/
IMSA 1995 - UIUC 2000 - Just Another Leftist Muppet - Ya Basta!
Social Justice, Community, Nonviolence, Decentralization, Feminism,
Sustainability, Responsibility, Diversity, Democracy, Ecology
More information about the Imc-tech
mailing list