Re: Security problem
On Thu, 22 Oct 1998, King Lee wrote:
: At our school our system administrator (who is very good) was
: running Red Hat 5.1 and someone broke in and got root privileges.
: Since he had written a Lan watch, we think we know how it happened.
: The Lan Watch showed someone from Israel send a very long
: packet to mountd. Shortly after, two names were added to
: the password file with user id 0. We suspect that
: /etc was NFS mounted with write permission. Afterwards
: there were logins from the two added names and rsh was changed.
: Is Debian vulnerable? Unfortunately, I haven't progressed
: to the stage where I am comfortable looking at code.
This security hole, and the fix, were announced on debian-security a few
weeks ago. I'll look for the announcement.
So yes, some systems are vulnerable, but there is a fix available.
MidcoNet 410 South Phillips Avenue Sioux Falls, SD
finger firstname.lastname@example.org for PGP Key: (0xA33B86E9)