Re: Is there a FAM(file alteration monitor) exploit in the wild?

To: debian-security@lists.debian.org
Subject: Re: Is there a FAM(file alteration monitor) exploit in the wild?
From: Me <joe@plaguesplace.dyndns.org>
Date: Tue, 9 Dec 2003 12:37:50 -0500
Message-id: <[🔎] 20031209173750.GQ1408@plaguesplace.dyndns.org>
Reply-to: me <joe@plaguesplace.dyndns.org>
In-reply-to: <[🔎] 20031208100249.GD1152@gardafou.assamite.eu.org>
References: <[🔎] 20031208002554.GM1408@plaguesplace.dyndns.org> <[🔎] 20031208100249.GD1152@gardafou.assamite.eu.org>

On Mon, Dec 08, 2003 at 11:02:49AM +0100, Jean-Francois Dive wrote:
> why do you run that kind of service on a publicly reachable  address ? 

Well, it wasn't by choice.  It came with some K-apps that were
installed.  But that isn't the point.  It is pretty common.  The fact
that there might be an exploit involving fam and probably the 2.4 kernel
exploit isn't getting the attention.  The daemon itself doesn't appear
to have any security surrounding it.

joe
--

Attachment: pgpsDAvk7xPvD.pgp
Description: PGP signature

Reply to:

References:
- Is there a FAM(file alteration monitor) exploit in the wild?
  - From: Me <joe@plaguesplace.dyndns.org>
- Re: Is there a FAM(file alteration monitor) exploit in the wild?
  - From: Jean-Francois Dive <jef@linuxbe.org>

Prev by Date: Re: Q. Should one mirror debian.security.org? Good or Bad Idea?
Next by Date: Re: Q. Should one mirror debian.security.org? Good or Bad Idea?
Previous by thread: Re: Is there a FAM(file alteration monitor) exploit in the wild?
Next by thread: RE: Grsecurity, ssh and postfix
Index(es):
- Date
- Thread