[XCSSA] spl2 and mazzer

xcssa@xcssa.org xcssa@xcssa.org
Sat, 9 Sep 2006 19:16:23 -0500


Has anybody come across a root shell exploit called spl2? Fortunately,
I caught it right after it happened and I've been trying to find what
this exploit exploits. When you execute it as a user, you immediately
get a root shell. I have the server back online with limited access,
so before I lift the access restrictions I'd like to patch this
vulnerability.

Two other files were associated with it, mazzer and agrepzp. Those are
log cleaners.

Google doesn't give much information, so I'm wondering if it was
renamed to spl2 to prevent tracking it down.

Thanks for any help!

Strings doesn't give much information either.

-- 
Jeremy