How webpage defacement possible just using web hacking?

["Monty Ree" <chulmin2 () hotmail com>]

Hello, all.

Some days ago, a site is defacemented by web hacking.
I guess that some attacker gained web server permission using web 
application vuln. and changed index file.
Surely, the attacker did gain just nobody privilege(web server user) not 
root privilege 
and the index file permission is 644 with other user owned.(and there is no 
write permission at directory)

I guess that it is impossible to change index file just nobody privilege. 
But most webpage defacement is occured using web application vuln. by php 
or cgi something like that.

Of course, it will be possible that vulnerable cgi is set suid. but most is 
not.


Any idea?


Thanks in advance.

_________________________________________________________________
고.. 감.. 도.. 사.. 랑.. 만.. 들.. 기.. MSN 러브   
http://www.msn.co.kr/love/