El vie 03 may 2013 12:50:09 CLT, Cristian Rodríguez escribió:
El 03/05/13 05:41, Dave Howorth escribió:
Dsant wrote:
On Thursday 02 May 2013 17:54:48 Cristian Rodríguez wrote:
El 02/05/13 07:38, Marcus Meissner escribió:
The intrusion vector is likely not apache2, the bad guys just replace the apache2 httpd binary. Most likely not apache ;)
How they achieved root access is a different topic. Apparently through proprietary Cpanel admin tool, which indeed has root privileges to modify anything on the system.
You're right : http://blog.sucuri.net/2013/04/apache-binary-backdoors-on-cpanel-based-serve...
So OpenSUSE is safe :) (Unless install this proprietary tool)
I think you're reading too much into that one article. (Apart from one blog article is not necessarily 100% accurate).
Correct, the press is written in a sensationalist tone in order to sell. (OMG, see the apachez cracked, end of the world!)
They talk about a particular technique used with cPanel but they don't exclude other techniques in other circumstances.
For economic reasons, exploits will take the more cost effective vector (that is the easier to exploit, wider availability and can be used to cause as much damage as possible) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org