Questions tagged [exploit]

A sequence of commands or configuration data which can predictably utilize a vulnerability of a system.

64 questions
2 votes, 1 answer

Linux 64b dangerous kernel exploit

Many of you know the recent and dangerous kernel exploit CVE-2010-3081. See /. What is the actual risk for a server? Do we have to patch all systems urgently? Or, since it seems only a local user may gain root access, standalone servers are pretty…
Déjà vu
2 votes, 1 answer

Samba - Is my server vulnerable to CVE-2008-1105?

I have a CentOS server that is running Samba and I want to verify the vulnerability addressed by CVE-2008-1105. What scenarios can I build in order to run the exploit that is mentioned in http://secunia.com/advisories/cve_reference/CVE-2008-1105/? …
Joao Heleno
2 votes, 4 answers

Website attacked with a hidden iframe (q5x.ru)

A website of mine has recently been infected with some sort of attack that involved injecting a hidden iframe, and its source was a site q5x.ru (do not link). A Google search didn't help me in figuring out how this attack may have taken place,…
Andreas Grech
1 vote, 0 answers

netstat shows my own server is hitting a server it's not supposed to know about

On AWS I have a few dedicated servers that do image processing, and they seem to get high traffic and fail. When running netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n I get that the most active IP is an IP of an nginx…
Niro
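An added example, not from the question above or any answer to it: the same per-peer count done as a short shell function over constructed `netstat -ntu` output. The pipeline in the question uses `cut -d: -f1`, which also picks up the two header lines and splits any IPv6 or IPv4-mapped address (`::ffff:203.0.113.7:51300`) at its first colon, so those connections end up under an empty key. Stripping only the trailing `:port` keeps both address families intact. The function names, the sample output and the addresses (RFC 5737/3849 documentation ranges) are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the page): count remote peers in `netstat -ntu`
# output without mangling IPv6 / IPv4-mapped addresses.

# Constructed sample of `netstat -ntu` output; documentation addresses only.
SAMPLE_NETSTAT='Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 10.0.0.12:443           203.0.113.7:51234       ESTABLISHED
tcp        0      0 10.0.0.12:443           203.0.113.7:51240       ESTABLISHED
tcp        0      0 10.0.0.12:80            198.51.100.9:40001      TIME_WAIT
tcp6       0      0 ::ffff:10.0.0.12:443    ::ffff:203.0.113.7:51300 ESTABLISHED
tcp6       0      0 2001:db8::12:22         2001:db8::5:60001       ESTABLISHED
udp        0      0 10.0.0.12:123           198.51.100.9:123        ESTABLISHED'

# count_peers: read netstat output on stdin, print "count address", most
# connections first. Only tcp/udp rows are considered (headers are skipped),
# the trailing ":port" is removed, and IPv4-mapped IPv6 (::ffff:a.b.c.d) is
# folded into its IPv4 form so one client is not counted twice.
count_peers() {
    awk '$1 ~ /^(tcp|udp)/ {
            addr = $5
            sub(/:[0-9]+$/, "", addr)
            sub(/^::ffff:/, "", addr)
            n[addr]++
         }
         END { for (a in n) print n[a], a }' | sort -rn
}

# top_peer: the single busiest remote address.
top_peer() {
    count_peers | head -n 1 | awk '{ print $2 }'
}

# peer_count ADDR: number of connections from one address (0 if absent).
peer_count() {
    count_peers | awk -v want="$1" '$2 == want { c = $1 } END { print c + 0 }'
}

# Usage: on a live host replace the printf with `netstat -ntu | count_peers`.
printf '%s\n' "$SAMPLE_NETSTAT" | count_peers
```

On a real server the next step is the same as in the question: look up the top address and check whether it is one of your own instances (for example an nginx front end keeping many upstream connections open) before treating it as hostile.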
1 vote, 1 answer

MySQL root password changed by someone or app self

I have a server that is accessible to the public, but three times now I've been locked out because the MySQL root password was changed by someone else, even though I'm the only one who knows the password. I've checked the server disk and did not find any PHP injection or the like, and I…
user139209
1 vote, 1 answer

Plesk Qmail Queue Exploding From Possible Webform Attack

The qmail queue on my server (running Plesk on CentOS 5.2) balloons up to 120,000+ messages in the queue overnight. The messages in the queue are obviously spam. I've cleared them out over the last day using qmHandle, but I can't determine how they…
ChiCgi
1 vote, 3 answers

What exploit is this?

Our company site just went live and the very first entry in access.log looks like an attempted exploit :) Any idea which one it could be? Here's the relevant line: 79.168.7.121 - - [28/Jan/2011:13:19:25 +0100]…
Joril
1 vote, 1 answer

exploit.so dmesg errors

A server (which has since been pulled offline and is scheduled to be wiped) was compromised through ssh brute force. No root/su/sudo access was gained but I started observing these errors (pasted below). I am curious if anyone has ever seen them,…
b3nw
1 vote, 2 answers

CentOS Vulnerabilities - Exploits/Payloads

I'm doing an academic work where I have to find vulnerabilities in CentOS and show how to take advantage of those same vulnerabilities. I'm no hacker and I'm finding this task to be of great difficulty, that is, I see all the security alerts and…
Joao Heleno
1 vote, 1 answer

What is this possible Apache exploit, and am I affected?

I had this warning in my daily logwatch digest this morning: A total of 1 possible successful probes were detected (the following URLs contain strings that match one or more of a listing of strings that indicate a possible exploit): …
Darren
1 vote, 1 answer

CVE-2021-26855 exploited. Patched and running MSERT. What else can I do?

I'm running the Exchange server exploit checks recommended by Microsoft here: [MS Security Response Center - OnPremise Exchange Server Vulnerabilities Resource Center - updated March 16, 2021], Security Scripts. I installed the latest patches and…
cb2791
0 votes, 0 answers

What exploits involve making long http requests with lots of mostly null byte octals?

I've gotten a lot of strange HTTP requests in my access logs before, like calls to nonexistent WordPress login scripts and application-specific locations. I've even gotten a few wise-guy requests like ...GET /your-site-sucks HTTP/1.1 400.... I'm…
Altimus Prime
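An added example that is not part of the three "what is this request" questions above ("What exploit is this?", "What is this possible Apache exploit, and am I affected?", and the null-byte question) or of any answer to them: a shell function that triages access.log lines for the probe patterns those questions describe (calls to a nonexistent WordPress login script, directory traversal, long runs of percent-encoded null bytes) and tallies hits per client address, which is the first thing to do before deciding whether a probe actually succeeded. The rule list, function names, log lines and client IPs (documentation ranges) are constructed for this example; a real deployment tunes the rules to the application being served.

```shell
#!/bin/sh
# Added example (not from the page): flag probe-like requests in Apache/nginx
# combined-format access logs and count them per client IP.

# Constructed sample log lines (documentation IPs, not real traffic).
SAMPLE_LOG='203.0.113.5 - - [28/Jan/2011:13:19:25 +0100] "GET / HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.5 - - [28/Jan/2011:13:19:26 +0100] "GET /about HTTP/1.1" 200 1024 "-" "Mozilla/5.0"
198.51.100.7 - - [28/Jan/2011:13:20:01 +0100] "GET /wp-login.php HTTP/1.1" 404 210 "-" "-"
198.51.100.7 - - [28/Jan/2011:13:20:02 +0100] "GET /index.php?page=../../../../etc/passwd HTTP/1.1" 404 0 "-" "-"
198.51.100.7 - - [28/Jan/2011:13:20:03 +0100] "GET /%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00 HTTP/1.1" 400 0 "-" "-"
192.0.2.9 - - [28/Jan/2011:13:21:00 +0100] "GET /your-site-sucks HTTP/1.1" 404 0 "-" "-"
192.0.2.9 - - [28/Jan/2011:13:21:05 +0100] "POST /phpmyadmin/index.php HTTP/1.1" 404 0 "-" "-"'

# flag_probes: print each line whose request matches a probe rule, prefixed
# with the rule name. The request is the field between the first pair of
# double quotes ("METHOD /path HTTP/x"). Eight literal "%00" repeats are used
# instead of an interval expression because older mawk lacks {n,} support.
flag_probes() {
    awk '
        {
            split($0, q, "\"")
            req = q[2]
            rule = ""
            if (req ~ /\.\.\//)                                  rule = "traversal"
            else if (req ~ /%00%00%00%00%00%00%00%00/)           rule = "null-bytes"
            else if (req ~ /\/wp-login\.php/)                    rule = "wp-login"
            else if (req ~ /\/phpmyadmin\//)                     rule = "phpmyadmin"
            if (rule != "") print rule, $0
        }'
}

# probe_counts: "count ip" per client, busiest first.
probe_counts() {
    flag_probes | awk '{ n[$2]++ } END { for (ip in n) print n[ip], ip }' | sort -rn
}

# probes_from IP: number of flagged requests from one address (0 if none).
probes_from() {
    probe_counts | awk -v want="$1" '$2 == want { c = $1 } END { print c + 0 }'
}

# Usage: on a live host replace the printf with `probe_counts < /var/log/apache2/access.log`.
printf '%s\n' "$SAMPLE_LOG" | probe_counts
```

The status code in the flagged lines is the useful second signal: a 404 or 400 means the probed path did not exist or the request was rejected, while a 200 on a traversal or scanner path is the case that needs a closer look at the application itself.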
0 votes, 0 answers

Running processes: "perl /tmp/dd" - what is this?

I have a LAMP server with about 50 virtual domains, and am using Webmin/Virtualmin to manage the server. When looking at running processes (top) I see one domain's username is running a couple of perl processes, and ps gives me the full command…
Ryan Griggs
0 votes, 0 answers

Tomcat filter traffic based on bad MIME type

I have recently spotted a large amount of malicious traffic causing errors to be thrown in our Grails app. It is hosted via Tomcat: ERROR grails.plugin.cache.web.filter.simple.MemoryPageFragmentCachingFilter - PageFragmentCachingFilter has…
Michal_Szulc
0 votes, 1 answer

Windows 7 SP1 SMB (Port 135/445) enabled by default upon install?

I'm curious as, over the several years since I started researching computer security, SMB has been the place where remote code execution happens most on the Windows OS. Especially with the recent vulnerability MS17-010 EternalBlue.…
Z3R0_XP