icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Trojan/Backdoor - Apache mod_rootme Detection

Synopsis

The remote host has been compromised and is running a 'Backdoor' program

Description

The remote system appears to be running the mod_rootme module, this module silently allows a user to gain root shell access to the machine via crafted HTTP requests.

Solution

- Remove the mod_rootme module from httpd.conf/modules.conf. Consider reinstalling the computer, as it is likely to have been compromised by an intruder