[Dshield] Linux Exploit Search

Ian Scott ian at pairowoodies.com
Wed Nov 9 04:59:11 GMT 2005


On November 8, 2005 09:11 pm, David Cary Hart wrote:
> What's particularly troubling here is that there are three different
> clients following the exact same pattern.
<snip>

Looks like an automated scan looking for vulnerable applications. Possibly 
someone using Nexus?

There was a version of awstats recently that had a vulnerability in it that 
would give remote access as the apache user.

Wordpress also had a vulnerability recently, as do many blogging software.

Ian Scott


More information about the list mailing list