thr3ads.net - CentOS - [CentOS] Exploit 'in the wild' for Trixbox [Jul 2008]

If this information is useful, please help other people find it:
Share via:

Twitter
Facebook
Email

Nigel Kendrick

2008-Jul-20 16:13 UTC

[CentOS] Exploit 'in the wild' for Trixbox

Just in case anyone else needs to know - there's an exploit 'in the
wild'
for Trixbox (which is CentOS based) that allows malicious code to be
installed on a server. I discovered that one of my Trixbox servers was
running 3 instances of a perl-based IRC botnet process called httpdse and
this was pegging the CPU at 100%.

Notes, comments, removal instructions, patches etc. here:

http://trixbox.org/forums/trixbox-forums/open-discussion/critical-remote-roo
t-exploit-trixbox-wild

Guess that teaches me not to open the Trixbox Web interface to the world.

Regards,

Nigel Kendrick

Apparently Analagous Threads

PHP Segfaults on Centos 5 and PBX in a Flash but not Trixbox
SV: How do you like TrixBox?
Trixbox Arbitrary Command Execution Vulnerability
Trixbox 2.6.1.13 OpenR2
FW: The trixbox Revolution Continues! Sign upforthe Webinar.

Search for more seemingly similar threads

CentOS - Jul 2008 - Exploit 'in the wild' for Trixbox

[CentOS] Exploit 'in the wild' for Trixbox

Apparently Analagous Threads

Wisdom of the Ancients