Provo Web Site Hacked

Stuart Jansen sjansen at buscaluz.org
Sat Nov 12 16:36:23 MST 2005


On Sat, 2005-11-12 at 16:21 -0700, Chris Carey wrote:
> Netcraft shows the site is running Apache/1.3.26 UnitedLinux
> mod_python/2.7.8 Python/2.2.1 PHP/4.3.8 mod_perl/1.27
> 
> Ouch, old version of Apache. I believe they are up to v1.3.34.

It is common for enterprise versions of Linux to backport security
patches rather than update to the newest version of an application. The
expectation is that this will cause less disruption for customers who
have payed quite a bit for a platform they can use for 5+ years once
configured.

Of course, I'm too lazy to poke around and find out if that header
actually matches an up-to-date UnitedLinux system. They only thing we
can know for sure, at first glance, is that Provo is probably using
software from Novell.

-- 
Stuart Jansen              e-mail/jabber: sjansen at buscaluz.org
                           google talk:   stuart.jansen at gmail.com
:0                         # copy & paste for your convenience
* ^From:.*sjansen@
/dev/null                  # /ignore sjansen!*@*
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://plug.org/pipermail/plug/attachments/20051112/7646873b/attachment.bin 


More information about the PLUG mailing list