Re: [bitfolk] T-DOSE

Author: Andy Smith
Date:  
Subject: Re: [bitfolk] T-DOSE
Cc: users@???
Subject: Re: [bitfolk] PHP-CGI exploit probes seen - please make sure your
 VPS is secured against this
X-List-Received-Date: Wed, 09 May 2012 15:36:19 -0000


On 9 May 2012 07:56, Murray Crane <murray.crane@???> wrote:
> I'm running latest WP on Ubuntu LTS (10.04) using PHP5-CGI and lighttpd. I
> know full well that my PHP5 will be vulnerable (v5.3.2, damn you Ubuntu;
> CATCH UP FOR F**KS SAKE!!!), but I don't know how to go about securing it in
> lighty (if I even need to). I do know that if I point a browser at
> "index.php?-s", I get the front page of my blog back (as if I had left the
> "?-s" off) and not anything that would scream "VULNERABLE!!!" at me.
>


You sure about Ubuntu not putting an update out?

https://launchpad.net/ubuntu/+source/php5/5.3.2-1ubuntu4.15 suggests otherwise.

Announce went out some days back, and the new packages were already available.

https://lists.ubuntu.com/archives/ubuntu-security-announce/2012-May/001678.html

Al.
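
The two checks discussed in this thread, as an added example that is not part of either message: compare the installed package revision rather than the upstream "5.3.2" string, and classify what a `?-s` request actually returns. Treating the revision from the Launchpad link as the first fixed one, the `php5-cgi` package name and the `localhost` URL are assumptions.

```shell
#!/bin/sh
# Added example: self-check for the issue discussed in this thread.
# FIXED is the package revision from the Launchpad link above; treating it
# as the first fixed revision is an assumption.
FIXED="5.3.2-1ubuntu4.15"

# is_patched VERSION: succeed if VERSION is at or above FIXED.
# Uses dpkg's own ordering when available, GNU sort -V otherwise, so that
# "...4.9" correctly sorts below "...4.15" (a plain string compare would not).
is_patched() {
    if command -v dpkg >/dev/null 2>&1; then
        dpkg --compare-versions "$1" ge "$FIXED"
    else
        [ "$(printf '%s\n%s\n' "$FIXED" "$1" | sort -V | head -n 1)" = "$FIXED" ]
    fi
}

# discloses_source: read an HTTP response body on stdin and succeed if it
# contains PHP source, raw or as syntax-highlighted HTML, instead of the
# rendered page. This is a heuristic: a page that legitimately prints
# escaped PHP code would also match.
discloses_source() {
    grep -Eq '<\?php|&lt;\?php'
}

# Typical use on the VPS itself (package name and URL are assumptions):
#   is_patched "$(dpkg-query -W -f='${Version}' php5-cgi)" || echo "update php5-cgi"
#   curl -s 'http://localhost/index.php?-s' | discloses_source && echo "source exposed"
```

A normal front page in response to `?-s`, as described in the quoted message, makes `discloses_source` fail, which is the expected result on a setup that does not pass the query string to the PHP binary as a switch.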

