Apache dynamic module infected
kenneth at mail1.ttak.org
Tue Jan 22 17:12:37 MST 2008
Has anyone heard about this Apache exploit? Supposedly there is a mass
infection using Apache's dynamic module.
Mass host hack bigger than first thought, hits 10,000 sites
Some hacked Apache servers reinfected even after clean-up and Linux
Is this for real or is this merely a isolated problem blow out of
proportion to cause FUD? If this is for real, the articles did not
explain how you can detect if you were infected, or how to disable
Apache's dynamic module.
Is there a "dynamic module" module or is it referring to any module that
is loaded by the LoadModule directive? If the later is the case than
any site hosting SSL or PHP or any number of other items would be
disabled. I am hoping the former is the case and there is some
mysterious "dynamic module" module to be disabled. Any ideas?
More information about the PLUG