I see the following from logwatch in the overnight log file review:
--------------------- httpd Begin ------------------------
Requests with error response codes
404 Not Found
/crossdomain.xml: 1 Time(s)
---------------------- httpd End -------------------------
and so I go digging:
[root@centos-5 httpd]# cat error_log
[Sun Jun 06 04:02:04 2010] [notice] Digest: generating secret for digest authentication ...
[Sun Jun 06 04:02:04 2010] [notice] Digest: done
[Sun Jun 06 04:02:05 2010] [notice] Apache/2.2.3 (CentOS) configured -- resuming normal operations
[Mon Jun 07 14:20:39 2010] [error] [client 127.0.0.2] File does not exist: /var/www/html/crossdomain.xml
Sure enough. It looks as though some piece of Flash code is hoping to 'leverage' a cross-domain permission to include something I may not have intentionally intended to allow.
See the note at: http://kb2.adobe.com/cps/142/tn_14213.html
For the sake of argument, assume you HAD to web view as root, as say with an operating system that required you use a browser front end to access system updates. Assume also that you improvidently viewed a 'seeder' of bad things that WROTE a hostile crossdomain.xml for later use by a second piece of hostile Flash to 'reap'
Oops ... game over
