About the recent invasion
Itamar - IspBrasil
itamar at ispbrasil.com.br
Mon Sep 15 22:19:09 UTC 2008
aparentemente foi causado por uma falha no ssh, onde o atacante
conseguiu assinar alguns pacotes com as chave's do fedora.
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4752
http://lists.centos.org/pipermail/centos-announce/2008-August/015195.html
http://rhn.redhat.com/errata/RHSA-2008-0855.html
http://www.redhat.com/security/data/openssh-blacklist.html
On 9/12/2008 1:40 PM, Henrique Junior wrote:
>
> Hello, guys
> I'm sorry if this list
> is not the right place to post this question but I can't figure a
> better place.
> As a Fedora ambassador
> (in Brazil) I've been asked by a lot of people about the recent
> invasion in our servers. The question I've been asked yesterday was
> “how it happened?”
> I'd like to explain
> here exactly what happened to make our users more comfortable and confident.
> Please excuse my bad english.
>
>
> Thanks
>
> Henrique "LonelySpooky" Junior
> ________________________________
> "In a world without walls and fences, who needs windows and gates?!"
>
>
> Novos endereços, o Yahoo! que você conhece. Crie um email novo com a sua cara @ymail.com ou @rocketmail.com.
> http://br.new.mail.yahoo.com/addresses
>
>
> _______________________________________________
> Fedora-infrastructure-list mailing list
> Fedora-infrastructure-list at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
>
>
>
More information about the infrastructure
mailing list