Hands up who DIDN'T exploit this years-old flaw to ransack a US govt web server...