Yes, I have a handful of stories piling up, but I wanted to let this one through first. I don't think I need to make any cynical remarks about PHP and security...it's all about the apps, and to date, I've not seen a lot of well coded PHP apps out there. Here's yet another PHP app that allowed a system to be compromised...
Attacks against Joomla com_peoplebook, (Sun, Jul 30th): "As reported in a couple of previous diaries (http://isc.sans.org/diary.php?storyid=1483 & 1480 ), less than adequate input validation resulted in a fair few attacks against Joomla and Mambo components. Joomla is a powerful open-source Content Management System written in php. Yesterday we received word of another attack, this time against com_peoplebook.Source: ISC SANS
Here are a few of the httpd log entries that we were provided, suitably sanitized at the hosting provider's request. Note the timelag between log entries - there was a living human at the other end of the wire manually manipulating this server.