August 28th, 2009, 05:49 PM
Sigh: Apache.org hacked.
apache.org was down this morning and reports are that one of their servers has been compromised due to an SSH key being exposed. The SSH key was used by an account to perform backups. No vulnerabilities in apache or ssh software was used in this attack. When the incident was identified apache cut access to all of their services as a containment measure. Their web sites are now back online.
CISSP, CISM, CISA, SSCP
*Thank you GOD*
Greater the Difficulty, SWEETER the Victory.
Believe in yourself.
August 28th, 2009, 11:07 PM
Looks like it was fault of the company responsible for maintaining backups...
The attackers created several files in the directory containing files for www.apache.org
, including several CGI scripts. These files were then rsynced to our production webservers by automated processes. At about 07:00 on August 28 2009 the attackers accessed these CGI scripts over HTTP, which spawned processes on our production web services.
\"Those of us that had been up all night were in no mood for coffee and donuts, we wanted strong drink.\"
By Spyder32 in forum *nix Security Discussions
Last Post: August 1st, 2004, 05:20 AM
By FishTaco in forum Newbie Security Questions
Last Post: March 7th, 2004, 06:14 PM
By Grinler in forum The Security Tutorials Forum
Last Post: August 9th, 2003, 02:49 AM
By tonybradley in forum The Security Tutorials Forum
Last Post: June 18th, 2003, 03:54 PM
By phishphreek in forum Web Security
Last Post: May 3rd, 2003, 06:29 AM