by Anonymous Coward writes:
on Monday April 29, 2013 @12:17PM (#43581577)
No, all apaches are vulnerable - if the binary is replaced in this way. cPanel doesn't use packaged binaries for apache, and therefore you can't spot if you've been hacked *by simple use of the package manager*.
According to the threads I read, all are vulnerable. Since the binary is not changed on disk, vidating checksums won't detect this. They really did not go into much detail in any of the reading I got following TFA three levels deep. No versions, no rigs, no mods, etc.. Did you read outside of TFA that it was CPA el only? Sittin in the dr office now, have to read more when back at the office.
This is just the latest iteration of FUD against Linux. We all know who spreads it. I would not be surprised they first created that cpanel shit and then show how to fuck up Apache with their own crap contraption. Welcome to the capitalist world !
Often statistics are used as a drunken man uses lampposts -- for support
rather than illumination.
doesn't look so scary (Score:5, Insightful)
Only cpanel apaches vulnerable and modified httpd easily found by grep'ing a string?
*yawn*
Re:doesn't look so scary (Score:3, Interesting)
No, all apaches are vulnerable - if the binary is replaced in this way. cPanel doesn't use packaged binaries for apache, and therefore you can't spot if you've been hacked *by simple use of the package manager*.
Re:doesn't look so scary (Score:5, Insightful)
Re: doesn't look so scary (Score:3)
Re: (Score:-1)
This is just the latest iteration of FUD against Linux. We all know who spreads it. I would not be surprised they first created that cpanel shit and then show how to fuck up Apache with their own crap contraption. Welcome to the capitalist world !