GrayHat wrote:
a bit of warning here, "owned" means that the site or even the whole server got a severe security break, but more often than not, this isn't the case, the page are placed there just since someone forgot to set the correct permissions on some folders, in such a case you can't just consider the whole site/server as compromised :)
Oh yes, you can, and you should. "Owned" is the right way to look at this issue.
The server has to be believed to be completely compromised. Unless it is running a secure kernel (SE Linux in strict mode, one of the secure modes the BSDs), it is easy enough to find a local privilege escalation bug and get root/admin priviledges in anything that ran crap with open permissions in the first place.
-- Henrique de Moraes Holschuh <hmh@xxxxxxxxxxxxx> IM@ - Informática de Municípios Associados Projetos Especiais TEL +55-19-3739-6055/CEL +55-19-9293-9464 Antes de imprimir, lembre-se de seu compromisso com o Meio Ambiente e do custo que você pode evitar.
