Does anyone have experience with the cinik and bugtraq worms for Unix? These worms appeared on two of our hosts and immediately forced denial-of-service. The programs were owned by apache....could this mean that a vulnerability of apache was exploited to get the files on the host? The sourcecode for both was on the host, cinik.c and bugtraq.c, making me suspect that the binary was built on the host. But, this would infer an interactive session....my logs don't reveal any session I cannot account for (ignoring the fact that the perp may have covered his tracks).
He was able to execute an information gathering Shell script that emailed back to his email address, [EMAIL PROTECTED] I just want to be able to prevent this from happening again, and undo any damage that I have not yet been able to find. Would like to hear from any other victims. Todd Merriman [EMAIL PROTECTED] -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
