[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Debian Investigation Report after Server Compromises

On Wed, Dec 03, 2003 at 06:08:54PM -0700, Monique Y. Herman wrote:
> After reading a few more responses, I realize that of course a debian
> developer's machine could get compromised.  I guess I just thought they
> were infallible *grin*
> 
> Now, the real question is, what exploit was used to get onto that dev's
> machine in the first place?

My understanding is that the developer's account on the machine in
question had been disused for some time, and that the machine wasn't
very well-maintained. It could have been any one of a dozen local root
exploits that have been known for some time. I think they investigated,
but the results weren't particularly earth-shaking.

-- 
Colin Watson                                  [cjwatson@flatline.org.uk]
Reply to: