Am 23.08.2015 um 16:42 schrieb greg.freemyer@gmail.com:
In one of the linux CMS cases, the bad guys injected a malicious control app to append all credit card data going through the shopping cart to an existing picture file on the server. Then they simply used apache to serve up the file anytime they wanted it. If the file was opened in a web browser / image viewer, you saw the image. If opened in a text editor, you saw all the confidential data at the end of the file.
Nice. Do you have any links for this attack? Regards, -- Aaron "Optimizer" Digulla a.k.a. Philmann Dark "It's not the universe that's limited, it's our imagination. Follow me and I'll show you something beyond the limits." http://blog.pdark.de/ -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org