Re: FC2 unpatched, critical vulnerabilities?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Am Mo, den 17.01.2005 schrieb Lorenzo Musizza um 16:04:

> one of my friends just had his FC2 based simple mailserver (with no
> 3rd party software and only smtp/pop/imap services running) hacked.
> He told me that he noticed something strange seeing an unknown ip
> address in the "Last login from" when logged in as root. Then he
> changed the root password and waited: the same ip showed up in the
> secure log as a failed login attempt but after only 5 seconds the logs
> said ssh root login was successful.

Take the computer off-line - immediately!

> My friend admitted he never patched the server with updates, and I
> know allowing root ssh login is not recommended, but still I am a
> little surprised.

Wonderful - never updated :(

> Which are the most important vulnerabilities than can lead to a root
> remote login on a plain FC2 box?

http://www.fedoranews.org/updates/fc2-updates.shtml
Where you see the [SECURITY] behind the packages, that are critical
updates.

> Luciano

There is no other way than erasing the current root hacked system and
reinstalling it from scratch with a current updated system.

Alexander


-- 
Alexander Dalloz | Enger, Germany | new address - new key: 0xB366A773
legal statement: http://www.uni-x.org/legal.html
Fedora GNU/Linux Core 2 (Tettnang) on Athlon kernel 2.6.10-1.9_FC2smp 
Serendipity 16:49:47 up 3 days, 12 users, load average: 0.56, 0.72, 1.03

Attachment: signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux