JBoss Worm Exploiting Old Bug to Infect Unpatched Servers | threatpost

https://threatpost.com/en_us/blogs/jboss-worm-exploiting-old-bug-infect-unpatched-servers-102111 The worm uses a bug in jmx-console to execute shell code, then installs a Perl-based control daemon that connects to IRC and tries to discover other nearby JBoss instances using JGroups UDP multicast. More details, including the source code, are here: http://pastebin.com/U7fPMxet

Reverse Proxy Bypass - Bug in Apache mod_proxy

http://www.contextis.com/research/blog/reverseproxybypass/ An attacker can reach internal resources in a DMZ if RewriteRule or ProxyPassMatch directives are used in the mod_proxy configuration.
