Re: root compromise on debian woody
On Thu, 2005-05-26 at 17:16 -0400, kamaraju kusumanchi wrote:
> Selva Nair wrote:
>
> >Hi all,
> >
> > One of my machines running debian woody (up to date with all
> >security updates)
> >was broken into yesterday. The attacker gained a normal user access possibly by
> >cracking a weak password and then managed to get a root shell, install a
> >rootkit etc...
> >
> > Looking through evidence left behind (bash_history etc..) I have
> >figured out that
> >the privilege escalation was achived using an executable that the
> >attacker downloaded
> >from the net. I have verified that this binary is indeed capable of
> >giving root shell to any user
> >and it works on two test systems I tried -- one woody and one redhat 7.2.
oh please send me a binary that promises to compromise my system....
cough
Reply to: