pHp exploit?

Here's a setup:
Gentoo Linux w/ kernel 2.5.20
Proftpd 1.2.10
Apache 2.0.5
Php 4.3.8
A hacker somehow managed to modify the code on my friends web site using the php bug/exploit. The hacker wouldn't tells us how he did it and my friend has log reporting turned off on the server.
I've searched the Change Log and numerous sites for an answer to our problem to no avail. Would anyone know how the heck is that possible? What are the security steps we need to take in order for us to prevent this threat.

Thanks!

 

 

 

 

Top