Re: VHCS <= 2.4.7.1 (vhcs2_daemon) Remote Root Exploit
Hi,
In case you didn't have this patch. Patch login.php as soon
as possible (old bug).
http://vhcs.puuhis.net/index.php?option=com_content&task=view&id=14&Itemid=1
For the new bug this is a quick solution
* to modify the php.ini and to disable shell and execute functions
disable_functions = system,system_exec,passthru,shell,shell_exec,exec
* to not permit LOAD INLINE from mysql. We can disable this feature with
the following line to the my.cnf in the section [mysqld]
local-infile=0