[ale] Redhat 6.2

Jeff Hubbs Jhubbs at niit.com
Fri Aug 11 15:24:15 EDT 2000 

What have the distro makers done to address this?  Do any have either a
fixed wu-ftpd or a solid alternative?

- Jeff

> -----Original Message-----
> From: Scott Nolde [mailto:smnoldelinux at mediaone.net]
> Sent: Friday, August 11, 2000 2:35 PM
> To: Ken N
> Cc: ale at ale.org
> Subject: Re: [ale] Redhat 6.2
> 
> 
> Ken N wrote:
> > 
> > Hi,
> > 
> >         I just instlled a redhat 6.2 server and found some strange
> > accounts on it not to much later. they where mind and 
> mind1, one of them
> > is a root account. I can't seemed to found any info 
> pointing to that fact
> > that this box is hacked but I am a little freaked out. 
> Anyone have any
> > ideas? The only thing running on this box is
> > 
> > ssh on an odd port
> > httpd
> > wu-ftpd-2.6.0-3.i386.rpm
> > 
> > I am a little paraniod so if anyone has any advice I would 
> appreciate it,
> > 
> > thanks
> > Ken
> > 
> > -----------------------------------------------------
> > http://cleveland.lug.net/~rocket/
> > 
> > "Beer is proof that god loves us and
> >         wants us to be happy"
> > 
> > Ben Franklin
> > 
> > --
> > To unsubscribe: mail majordomo at ale.org with "unsubscribe 
> ale" in message body.
> 
> I think most everyone will suggest the 'format and reinstall' 
> solution. 
> Wu-ftpd has had a nasty bug since '94 which could be used to execute
> arbitrary code as root.  This fact was just reported earlier 
> this year. 
> A common slogan has been "Wu-ftpd: providing root access since 1994."
> 
> For fun, check to see if a few binaries have changed, notably login,
> syslog, who, and last.
> 
> Perhaps if you report what you find, we could all learn from this.
> 
> - Scott
> -- 
> Never do Windows again with  |  Scott M. Nolde
> Linux!  No streaks, haze or  |  smnoldelinux at mediaone.net
> glaze!                       |  
> 2:30pm up 2:36, 2 users, load average: 1.11, 1.16, 1.09
> --
> To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" 
> in message body.
> 
--
To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.

More information about the Ale mailing list