squirrelmail is reported as Suspicious Process
Posted: 27 Jun 2008, 07:02
Upgraded 3 servers to latest CSF and all of them report Suspicious process when users are accessing email using squirrelmail.
Is this normal or i need to update any settings ?Time: Fri Jun 27 00:25:46 2008
PID: 20395
Account: dxxxnd
Uptime: 161 seconds
Executable:
/usr/local/cpanel/3rdparty/bin/php-cgi
Command Line (often faked in exploits):
/usr/local/cpanel/3rdparty/bin/php-cgi /usr/local/cpanel/base/3rdparty/squirrelmail/src/right_main.php
Network connections by the process (if any):
tcp: 127.0.0.1:35159 -> 127.0.0.1:143