It’s a fairly generalized risk, the Perl program in /tmp/ and the binaries in /tmp/.,/ were just the tools this particular script kiddee used.
You can tell if your server has been hit by grepping all your logfiles for “configdir”. If you spot a line like this…
10.0.73.167 – – [01/Feb/2005:19:05:17 -0500] “GET /cgi-bin/awstats.pl?configdir=|echo%20;echo%20;id;echo%20;echo| HTTP/1.0” 404 301 “-” “Mozilla/4.0 (compatible; MSIE 6.0b; Windows NT 5.0)”
… then you probably have been scanned. If you were vulnerable then they probably knew, and you’ll want to look for other commands they ran.