(07-16-2015, 05:55 AM)Ron-e Wrote:(07-16-2015, 04:45 AM)apinto Wrote: ahsan was able to hack using a installed perl script (that is disabled by default on sentora, so unless you enabled perl by yourself that hack will not have any effect on your case.
The windows version from MarkDark (AWServer) has PERL installed (see link and/or quote below), so windows users are possible vulnerable for this hack.
(06-19-2015, 12:57 AM)MarkDark Wrote: As a basic platform for the server, the following components:
Apache v2.2.29
PHP v5.5.26 + PEAR
MySQL v5.5.43
Perl v5.16.3
ImageMagick v6.9.0
FileZilla v0.9.49
hMailServer v5.4.2-B1964
nnCronLie v1.17
BIND v9.9.7
Sendmail for Win v1.0
Webalizer v2.23-04 + GeoIP
nnBackup v3.01
Thats right Ron-e there is Perl v5.16.3 on AWServer on windows. If MarkDark can reply on its security issue?
For the time being i took the folder Perl out of the AWServer folder on Windows 7 so there is no Perl present (the folder at least) i dont now if security wise that be a fast fix for now.