FC2 unpatched, critical vulnerabilities?
ad+lists at uni-x.org
Mon Jan 17 15:53:06 UTC 2005
Am Mo, den 17.01.2005 schrieb Lorenzo Musizza um 16:04:
> one of my friends just had his FC2 based simple mailserver (with no
> 3rd party software and only smtp/pop/imap services running) hacked.
> He told me that he noticed something strange seeing an unknown ip
> address in the "Last login from" when logged in as root. Then he
> changed the root password and waited: the same ip showed up in the
> secure log as a failed login attempt but after only 5 seconds the logs
> said ssh root login was successful.
Take the computer off-line - immediately!
> My friend admitted he never patched the server with updates, and I
> know allowing root ssh login is not recommended, but still I am a
> little surprised.
Wonderful - never updated :(
> Which are the most important vulnerabilities than can lead to a root
> remote login on a plain FC2 box?
Where you see the [SECURITY] behind the packages, that are critical
There is no other way than erasing the current root hacked system and
reinstalling it from scratch with a current updated system.
Alexander Dalloz | Enger, Germany | new address - new key: 0xB366A773
legal statement: http://www.uni-x.org/legal.html
Fedora GNU/Linux Core 2 (Tettnang) on Athlon kernel 2.6.10-1.9_FC2smp
Serendipity 16:49:47 up 3 days, 12 users, load average: 0.56, 0.72, 1.03
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
Url : http://lists.fedoraproject.org/pipermail/users/attachments/20050117/8eaa953f/attachment-0002.bin
More information about the users