Incidents
Re: Suspicious files in /tmp Jun 18 2007 10:10PM
Juha-Matti Laurio (juha-matti laurio netti fi)
I have received a Virus Alert notification message from my webmail provider informing about a malware in my Inbox.
This is the reason I never received the first message of this thread (webmail company deleted the message).
Unfortunately, I don't remember the exact name of malware reported but 'Perl' was included to the malware name.

- Juha-Matti

"Matt D. Harris" <mdh (at) solitox (dot) net [email concealed]> wrote:
> They're being executed despite filesystem mount options because the
> script isn't being executed, the perl interpretter is.
--clip--

> kladizkov.thehome wrote:
> > Hi,
> >
> > My firewall LFD, pulled out three perl scripts from /tmp. It was found
> > to be executing in my server. I have attached the scripts along with
> > this mail. Is this issue familiar to anyone?
> >
> > How can a script uploaded to /tmp be executed when it has noexec privilege?
> >
> >
> > ------------------------------------------------------------------------

> >
> > ------------------------------------------------------------------------
-
> > This list sponsored by: SPI Dynamics
> >
> > ALERT: .How a Hacker Launches a SQL Injection Attack!.- White Paper
> > It's as simple as placing additional SQL commands into a Web Form input box
> > giving hackers complete access to all your backend systems! Firewalls and IDS
> > will not stop such attacks because SQL Injections are NOT seen as intruders.
> > Download this *FREE* white paper from SPI Dynamics for a complete guide to protection!
> >
> > https://download.spidynamics.com/1/ad/sql.asp?Campaign_ID=70160000000Cn8
E
> > ------------------------------------------------------------------------
--

------------------------------------------------------------------------
-
This list sponsored by: SPI Dynamics

ALERT: .How a Hacker Launches a SQL Injection Attack!.- White Paper
It's as simple as placing additional SQL commands into a Web Form input box
giving hackers complete access to all your backend systems! Firewalls and IDS
will not stop such attacks because SQL Injections are NOT seen as intruders.
Download this *FREE* white paper from SPI Dynamics for a complete guide to protection!

https://download.spidynamics.com/1/ad/sql.asp?Campaign_ID=70160000000Cn8
E
------------------------------------------------------------------------
--

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus