Today, that changed. I was reviewing system messages from over the weekend and I saw an email from the clamscan cronjob I have setup on many servers. It went a little like:
/tmp/openx-2.8.10/etc/plugins/openXVideoAds.zip: Backdoor.OpenX.CVE_2013_4211 FOUND
..../openads/plugins/deliveryLog/vastServeVideoPlayer/flowplayer/3.1.1/flowplayer-3.1.1.min.js: Backdoor.OpenX.CVE_2013_4211 FOUND
..../openads/plugins/plugins/deliveryLog/vastServeVideoPlayer/flowplayer/3.1.1/flowplayer-3.1.1.min.js: Backdoor.OpenX.CVE_2013_4211 FOUND
..../openads/etc/plugins/openXVideoAds.zip: Backdoor.OpenX.CVE_2013_4211 FOUND
A quick google turned up a link to Packet Storm. http://packetstormsecurity.com/files/cve/CVE-2013-4211
Where CVE-2013-4211 became an exploit candidate 3 days ago. I see some other mentions from a few days earlier, but definitely not too long ago. Since that time, clamav has updated it's definitions, freshclam downloaded them, and I got notified that I had an active backdoor on one of my servers because of maintaining a good anti-virus policy on Linux.
So ends the lesson.