Re: Critical: ssh-nonfree IS exploited
On Sun, Nov 11, 2001 at 03:54:40PM +0100, Wichert Akkerman wrote:
> Previously Bernd Eckenfels wrote:
> > just a small information, I have at least 2 confirmed reports about Hacked
> > Debian Boxes. All of them are hacked by exploiting the old nonfree-ssh and
> > installing a rootkit. Fortunatelly the rootkit is easy to detect, since it
> > is linked against libc5.
>
> Non-free, not part of Debian, etc. etc.
Well.. I think the admin will not differ, especially not, if you do not tell
them. I think a DSA is in order, especially as those Bugs are fixed.
Is it possible to send at least a small note (not an official Advisory) to
the announce list?
Greetings
Bernd
Reply to: