coopster - 3:02 pm on Jan 26, 2008 (gmt 0)
Excellent advice, lammert. Thanks for taking the time to throw out a list. I spent some time on the phone yesterday with an admin, a real tech-head, in regards to this particular exploit. Although not a lot of information was offered, one point came through quite clearly ... the JS part of this exploit is merely one angle. Yes, root-level access is being compromised but nobody is stating how yet. Either they haven't figured it out or worse, they have figured it out and they don't know what to do yet. If they have figured it out you would think the news would be all over the place though.