[LUGOS-BLA] Hacked?
Andraz Sraka
a at aufbix.org
Mon Jul 7 13:29:38 CEST 2003
re
On Mon, 2003-07-07 at 13:08, Nejc Skoberne wrote:
> root at Masina:/var/spool/hylafax/etc# init q
> /dev/null
> RK_Init: idt=0xc03a7000, sct[]=0xc0341834, FUCK: Can't find kmalloc()!
>
> A je kdo ze videl kaj takega?
ne .. sem pa bral .. oz. imel posredno na eni masini opravka s tem
exploitom. Masina je bila exploitana prek SSHja (gor je bila neka
unstable verzija)
> Kaksna ideja? Vdor?
da, slo naj bi za vdor (oz. namestitev) SuckIT rootkit-om, ki naj bi
vrnil 'RK_Init: idt=0xc03a7000, sct[]=0xc0341834, FUCK: Can't find
kmalloc()!'. Ce se prav spomnim, ce naredis 'reboot' in dobis ponovno ta
isti 'FUCK' output, naj bi bila masina uspesno exploitan-a.
za branje:
http://www.securityfocus.com/archive/75/317381/2003-04-03/2003-04-09/0
lp,
Andraz
--
BOFH excuse #316:
Elves on strike. (Why do they call EMAG Elf Magic)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://liste2.lugos.si/pipermail/lugos-bla/attachments/20030707/7bf8b3ee/attachment-0001.pgp
More information about the lugos-bla
mailing list