FC2 unpatched, critical vulnerabilities?

Alexander Dalloz ad+lists at uni-x.org
Mon Jan 17 15:53:06 UTC 2005

Am Mo, den 17.01.2005 schrieb Lorenzo Musizza um 16:04:

> one of my friends just had his FC2 based simple mailserver (with no
> 3rd party software and only smtp/pop/imap services running) hacked.
> He told me that he noticed something strange seeing an unknown ip
> address in the "Last login from" when logged in as root. Then he
> changed the root password and waited: the same ip showed up in the
> secure log as a failed login attempt but after only 5 seconds the logs
> said ssh root login was successful.

Take the computer off-line - immediately!

> My friend admitted he never patched the server with updates, and I
> know allowing root ssh login is not recommended, but still I am a
> little surprised.

Wonderful - never updated :(

> Which are the most important vulnerabilities than can lead to a root
> remote login on a plain FC2 box?

Where you see the [SECURITY] behind the packages, that are critical

> Luciano

There is no other way than erasing the current root hacked system and
reinstalling it from scratch with a current updated system.


Alexander Dalloz | Enger, Germany | new address - new key: 0xB366A773
legal statement: http://www.uni-x.org/legal.html
Fedora GNU/Linux Core 2 (Tettnang) on Athlon kernel 2.6.10-1.9_FC2smp 
Serendipity 16:49:47 up 3 days, 12 users, load average: 0.56, 0.72, 1.03
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
Url : http://lists.fedoraproject.org/pipermail/users/attachments/20050117/8eaa953f/attachment-0002.bin 

More information about the users mailing list