Re: Debian servers "hacked"?

To: Jan Wagner <waja@gmx.de>
Cc: thomas@northernsecurity.net, debian-security@lists.debian.org
Subject: Re: Debian servers "hacked"?
From: Bueno <bueno@hal.vu>
Date: Fri, 21 Nov 2003 10:58:22 -0200
Message-id: <[🔎] 20031121125822.GH4429@alucicrazy.tacnet.com.br>
In-reply-to: <[🔎] 200311211313.35160.waja@gmx.de>
References: <[🔎] 20031121113850.GA23698@northernsecurity.net> <[🔎] 200311211313.35160.waja@gmx.de>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
The Debian Project                                http://www.debian.org/
Some Debian Project machines compromised                press@debian.org
November 21st, 2003
- ------------------------------------------------------------------------

Some Debian Project machines have been compromised

This is a very unfortunate incident to report about.  Some Debian
servers were found to have been compromised in the last 24 hours.

The archive is not affected by this compromise!

In particular the following machines have been affected:

  . master (Bug Tracking System)
    . murphy (mailing lists)
      . gluck (web, cvs)
        . klecker (security, non-us, web search, www-master)

	Some of these services are currently not available as the
	machines
	undergo close inspection.  Some services have been moved to
	other
	machines (www.debian.org for example).

	The security archive will be verified from trusted sources
	before it
	will become available again.

	Please note that we have recently prepared a new point release
	for
	Debian GNU/Linux 3.0 (woody), release 3.0r2.  While it has not
	been
	announced yet, it has been pushed to our mirrors already.  The
	announcement was scheduled for this morning but had to be
	postponed.
	This update has now been checked and it is not affected by the
	compromise.

	We apologise for the disruptions of some services over the next
	few
	days.  We are working on restoring the services and verifying
	the
	content of our archives.


	Contact Information
	- -------------------

	For further information, please visit the Debian web pages at
	<http://www.debian.org/> or send mail to <press@debian.org>.
	-----BEGIN PGP SIGNATURE-----
	Version: GnuPG v1.2.3 (GNU/Linux)

	iD8DBQE/vfsJW5ql+IAeqTIRApjYAJ4v6QK07nyNNyBCvsosorej3cwMHACfZcLt
	PwFJYJu8w1rU64Z82ddF6LY=
	=If2b
	-----END PGP SIGNATURE-----



On (21/11/03 13:13), Jan Wagner wrote:
> On Friday 21 November 2003 12:38, Thomas Sjögren wrote:
> > Anyone to shed some light over this?
> >
> > "Someone has cracked all the servers of the Debian Project. There has
> > been a severe security mishap and guys should uninstall all stuff
> > downloaded and installed in the past 2 days. Please do not apt-get
> > anything right now! Please wait till an `official' release happens!"
> > http://article.gmane.org/gmane.linux.debian.user/117910
> >
> > Server security mishap - you think?!
> 
> http://luonnotar.infodrom.org/~joey/debian-announce.txt
> 
> Regards, Jan.
> 
> 
> --
> To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> 

-- 
Bueno, Felippe
<bueno@hal.vu>
http://www.hal.vu

Reply to:

Follow-Ups:
- Re: Debian servers "hacked"?
  - From: Jan Wagner <waja@gmx.de>

References:
- Debian servers "hacked"?
  - From: Thomas Sjögren <thomas@northernsecurity.net>
- Re: Debian servers "hacked"?
  - From: Jan Wagner <waja@gmx.de>

Prev by Date: Re: Debian servers "hacked"?
Next by Date: Re: Debian servers "hacked"?
Previous by thread: Re: Debian servers "hacked"?
Next by thread: Re: Debian servers "hacked"?
Index(es):
- Date
- Thread