On 24 Sep 2002, James Sparenberg wrote:

> True enough... but this little trick seems to be a file that all
> variants use....

Trust me. They don't.

>
> James
>
>
> On Tue, 2002-09-24 at 11:25, alan wrote:
> > On 24 Sep 2002, James Sparenberg wrote:
> >
> > > And in addition to patching up... (Always the best move no matter what.)
> > > I've read where going into /tmp and doing
> > >
> > > touch bugtraq bugtraq.c
> > >
> > > chmod 400 bugtraq bugtraq.c
> > >
> > > Seems to fool the program into thinking this is an already cracked box
> > > (Haven't proof this works but a little extra precaution always makes me
> > > feel better.)
> >
> > Since there are a number of variants out there, this is not going to help
> > a whole lot.
> >
> > Fixing the hole is the first priority.
> >
> > BTW, this is not the only issue you need to be concerned about. There are
> > problems in glibc, php and others that need to be updated as well.
> >
> > Keeping up on the bug fixes is a neverending process. Just when you think
> > you have them all, a new group shows up to bedevil you.
> >
> > >
> > > James
> > >
> > >
> > > On Tue, 2002-09-24 at 17:42, Jeffrey Twu wrote:
> > > > (sorry, inserted carriage returns below)
> > > >
> > > > Hi folks,
> > > >
> > > > A web server at work got cracked on Sunday, and it looks like
> > > > they used the SSL hole. The bad person left a .tar.gz file in a
> > > > directory, and we did a google search on the filename, and voila -- it
> > > > was a script (uploaded Sep 17) that exploited the vulnerability.
> > > >
> > > > I heard about the SSL vulnerability before our server was
> > > > cracked, and did some reading. I didn't patch, because of:
> > > >
> > > > http://www.mandrake.com/en/archives/expert/2002-09/msg00588.php
> > > >
> > > > The paragraph where they wrote Linux-Mandrake 8.2 was not vulnerable
> > > > ... well, maybe they were referring to it with the openssl -2.3mdk
> > > > patch.
> > > >
> > > > So, patch up, even if you read something that says "this is
> > > > not vulnerable", as you may be taking it out of context, or they may
> > > > be wrong. As of Sep 17 at least, there are automated tools for script
> > > > kiddies that will exploit the hole.
> > > >
> > > > Here's the 8.2 security page:
> > > >
> > > > http://www.mandrake.com/en/security/mdk-updates.php3?dis=8.2
> > > >
> > > > I assume this is the right one to install:
> > > >
> > > > http://www.mandrake.com/en/security/2002/MDKSA-2002-046-1.php?dis=8.2
> > > > (That gives you the filename; I assume you click on FTP server mirrors
> > > > and find a mirror to actually download it. I haven't really used
> > > > Mandrake's auto-update tools.)
> > > >
> > > > There is a longer discussion here:
> > > >
> > > > http://www.mandrake.com/en/archives/expert/2002-09/
> > > > (search for openssl)
> > > >
> > > > Jeffrey Twu
> > > > [EMAIL PROTECTED]

Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com