Date: Fri, 20 Jul 2001 09:24:20 -0700 (PDT) From: Tom <tom@uniserve.com> To: admin@kremilek.gyrec.cz Cc: freebsd-stable@FreeBSD.org Subject: Re: probably remote exploit Message-ID: <Pine.BSF.4.10.10107200923060.4917-100000@athena.uniserve.ca> In-Reply-To: <Pine.LNX.3.96.1010720174942.651C-100000@kremilek.gyrec.cz>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 20 Jul 2001 admin@kremilek.gyrec.cz wrote: > Probably just warning. I personally couldn't believe it, but on > the last list of my 4.2-RELEASE appeared that host sh2.1-sh.com was logged > as user Jim. The one bad thing I did, that firewall wasnt working and > there is NFS available (besides BRIGDED connection to CISCO Router, named > and squid (both in sandbox) and sshd,ntp. I really don't know what > happened, because I couldn't believe that someone is able to find out the > eight character password. Because it is a school server I am not scared so > much about compomising, but would like to know if I am so stupid (I was > trying to leave,delete or update anything what was on security) or does it > happened to anyoneelse as well? (haven't got Disk Space to build these > days) There are known problems wiht ntpd, which you seem to be using. There is also a local exploit in 4.3-RELEASE. You should be on the freebsd-security mailing list, and you should be checking the archives of that list first. Tom To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.10.10107200923060.4917-100000>