Just as a followup, someone was exploiting a vulnerability in plugin.class.php in RC2 on our site. Our host had to shut off access to our site -- http://www.thewyvernportal.com
-- (on the day I was presenting it to my fellow faculty members, of course) because his servers were being flooded.
Not sure about Joomla (not familiar with that software), but the exploit
was most definitely that described in the Secunia advisory, and the exact
file being exploited was:
This morning, we had a team of our guys trying to find out what was
happening on our servers (the cpu load had skyrocketed on 4 of our
cluster servers), and it turns out about 40 processes were running
a remote UDP flood script that was downloaded and executed through
the vulnerability in that script.
The flood script was spreading "a worm that is used to launch denial
of service attacks on other sites," my host said tonight.
The secunia advisory was one for mambo 4.5.2: http://secunia.com/advisories/14337
I am not sure if it applies to Joomla 1.0.10 and CB RC2, but my host's staff says it does. I have applied the 1.0.1 update, so I hope it fixes the problem.