Fwd: Proable exploited webserver: resources01.phx.ovirt.org
Greg Sheremeta
gshereme at redhat.com
Mon Apr 13 12:40:21 UTC 2015
Making sure you guys saw this.
----- Forwarded Message -----
> From: "Geoff Maciolek" <GMaciolek at pvdchosting.com>
> To: webmaster at ovirt.org
> Sent: Sunday, April 12, 2015 5:58:57 PM
> Subject: Proable exploited webserver: resources01.phx.ovirt.org
> Folks, there's a suspious file I saw when browsing
> plain.resources01.phx.ovirt.org
> Specifically, _h5ai_research.php appears to be a shell - it identifies itself
> as "c99madshell v.2.0 madnet edition" and prompts for login. It is EXTREMELY
> unlikely that this is there intentionally.
> Distressingly, the file has been there since 2014-09-26.
> --Geoff Maciolek
> PVDCHosting, LLC
> _______________________________________________
> Infra mailing list
> Infra at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/infra
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/infra/attachments/20150413/867fe9b5/attachment.html>
More information about the Infra
mailing list