tin wrote:So I patched and restarted the server on Monday night... Seemed to work, and all was working on Tuesday.
Today I got a call asking if I knew why it was coming up with 403 (which it certainly wasn't on Tuesday). After much reading of logs and looking at whether ports were misconfigured, I decided to recheck the symptoms of this exploit.... And we've got 2 new .jsp files (Ajax.jsp and XZimbra.jsp) created today. These appear not to be present in our backup from last night.
Is there another exploit/bug?
i have the same 403 issue after clean mi server. How did you solve the misconfigured ports?