The key question is "As far as I understand this vulnerability it is limited to the user Apache is run by correct?"
The answer is you don't know how far they went.
Once you have local access then you can use a second exploit to get root access, or attack another system using the owned system. If the user apache was not configured properly then they may have been able to steal the shadow file and crack your passwords.
This is very true. I am building another box to replace this one, which will happen today. Meanwhile I am monitoring connections on the box. This is the best I can do to limit downtime. I have seen no suspicious activity since. "As far as I know".
Please do everyone a favor, if you have not already done this. Pull the plug, yes I mean this and I mean right now. Don't power it back up until you have the CDs to reload it, without a network connection. You have seen the rest in other posts.
Yes, the box will be going down. I agree the best way to be sure is to wipe the drive clean.
Maybe it will help if you understand that CISSP is Certified Information Systems Security Professional and requires a minimum of 2 years experience and passing a 6 hour exam. In other words I'm not just making this up.
I know what CISSP means; I work right next to one. But thanks :) Someday I would like to take the exam but I'm only 25 and I figure I can use more experience. Actually I figure I need more experience, I'll put this in the lessons learned column.
-- Leonard Isham, CISSP Ostendo non ostento.