ATTN server admins: new exploit and corresponding fix