Re: root compromise on debian woody

To: debian user <debian-user@lists.debian.org>
Subject: Re: root compromise on debian woody
From: michael <linux@networkingnewsletter.org.uk>
Date: Thu, 26 May 2005 22:18:23 +0100
Message-id: <[🔎] 1117142303.15719.3.camel@localhost.localdomain>
In-reply-to: <[🔎] 42963CA9.3020103@gmail.com>
References: <[🔎] 8752f596050526134936f40e67@mail.gmail.com> <[🔎] 42963CA9.3020103@gmail.com>

On Thu, 2005-05-26 at 17:16 -0400, kamaraju kusumanchi wrote:
> Selva Nair wrote:
> 
> >Hi all,
> >
> >   One of my machines running debian woody (up to date with all
> >security updates)
> >was broken into yesterday. The attacker gained a normal user access possibly by 
> >cracking a weak password and then managed to get a root shell, install a 
> >rootkit etc...
> >
> >   Looking through evidence left behind (bash_history etc..) I have
> >figured out that
> >the privilege escalation was achived using an executable  that the
> >attacker downloaded
> >from the net. I have verified that this binary is indeed capable of
> >giving root shell to any user
> >and it works on two test systems I tried -- one woody and one redhat 7.2. 

oh please send me a binary that promises to compromise my system....


cough

Reply to:

References:
- root compromise on debian woody
  - From: Selva Nair <selva.nair@gmail.com>
- Re: root compromise on debian woody
  - From: kamaraju kusumanchi <raju.mailinglists@gmail.com>

Prev by Date: Re: root compromise on debian woody
Next by Date: subscribe
Previous by thread: Re: root compromise on debian woody
Next by thread: Re: root compromise on debian woody
Index(es):
- Date
- Thread