On Sun, 11 Apr 2004, Noah Meyerhans wrote:
> On Sun, Apr 11, 2004 at 11:15:10AM +0200, LeVA wrote:
>> I always compile the latest stable 2.4 kernel with loadable modules
>> disabled, but I don't apply any kernel patches.
>> Is this "safe", or I must apply some security patch?
>
> None of the rece
On Sun, 11 Apr 2004, Noah Meyerhans wrote:
> On Sun, Apr 11, 2004 at 11:15:10AM +0200, LeVA wrote:
>> I always compile the latest stable 2.4 kernel with loadable modules
>> disabled, but I don't apply any kernel patches.
>> Is this "safe", or I must apply some security patch?
>
> None of the rece
On Sun, Apr 11, 2004 at 11:15:10AM +0200, LeVA wrote:
> I always compile the latest stable 2.4 kernel with loadable modules
> disabled, but I don't apply any kernel patches.
> Is this "safe", or I must apply some security patch?
None of the recent kernel-level vulnerabilities have required module
On Sun, Apr 11, 2004 at 11:15:10AM +0200, LeVA wrote:
> I always compile the latest stable 2.4 kernel with loadable modules
> disabled, but I don't apply any kernel patches.
> Is this "safe", or I must apply some security patch?
None of the recent kernel-level vulnerabilities have required module
On 04/11/04 21:15, LeVA wrote:
2004. április 11. 06:21 dátummal Noah Meyerhans ezt írta:
On Sat, Apr 10, 2004 at 09:19:00PM +0200, LeVA wrote:
Only as ftp. But there have been a number of locally exploitable
kernel vulnerabilities fairly recently, and an attacker could use one
of these to obt
2004. április 11. 06:21 dátummal Noah Meyerhans ezt írta:
> On Sat, Apr 10, 2004 at 09:19:00PM +0200, LeVA wrote:
>
> Only as ftp. But there have been a number of locally exploitable
> kernel vulnerabilities fairly recently, and an attacker could use one
> of these to obtain root access once they
On 04/11/04 21:15, LeVA wrote:
2004. április 11. 06:21 dátummal Noah Meyerhans ezt írta:
On Sat, Apr 10, 2004 at 09:19:00PM +0200, LeVA wrote:
Only as ftp. But there have been a number of locally exploitable
kernel vulnerabilities fairly recently, and an attacker could use one
of these to obtain
2004. április 11. 06:21 dátummal Noah Meyerhans ezt írta:
> On Sat, Apr 10, 2004 at 09:19:00PM +0200, LeVA wrote:
>
> Only as ftp. But there have been a number of locally exploitable
> kernel vulnerabilities fairly recently, and an attacker could use one
> of these to obtain root access once they
On Sat, Apr 10, 2004 at 09:19:00PM +0200, LeVA wrote:
> I am just curious, that if my proftpd runs as user 'ftp', than the one
> who uses this vulnerability could only run arbitrary code as user ftp,
> or as root?
Only as ftp. But there have been a number of locally exploitable kernel
vulnerabi
On Sat, Apr 10, 2004 at 09:19:00PM +0200, LeVA wrote:
> I am just curious, that if my proftpd runs as user 'ftp', than the one
> who uses this vulnerability could only run arbitrary code as user ftp,
> or as root?
Only as ftp. But there have been a number of locally exploitable kernel
vulnerabi
2004. április 10. 18:09 dátummal [EMAIL PROTECTED] ezt írta:
> Proftp was vulnerable to this one:
> http://www.kb.cert.org/vuls/id/405348 but I don't consider it a high
> risk, because someone would have to upload the file. The passwords
> were reasonably secure.
>
Hi!
I am just curious, that if m
2004. április 10. 18:09 dátummal [EMAIL PROTECTED] ezt írta:
> Proftp was vulnerable to this one:
> http://www.kb.cert.org/vuls/id/405348 but I don't consider it a high
> risk, because someone would have to upload the file. The passwords
> were reasonably secure.
>
Hi!
I am just curious, that if m
>When was the last time you could login? Have you done any changes since then?
>
>Try copying the /etc/passwd and /etc/shadow to a test machine and see if it
>lets you login then (IE test if it is actually a password change or something
>broken in PAM etc).
There was a total of 5 hours betwe
>When was the last time you could login? Have you done any changes since then?
>Try copying the /etc/passwd and /etc/shadow to a test machine and see if it
>lets you login then (IE test if it is actually a password change or something
>broken in PAM etc).
There was a total of 5 hours between
On Sat, 10 Apr 2004 04:22, [EMAIL PROTECTED] wrote:
> Is there anything ordinary that can cause passwords to be changed? I tried
> to log in last night and sshd wouldn't accept either my user's password or
> my root password. When I got physical access this morning, I couldn't log
> into the consol
On Sat, 10 Apr 2004 04:22, [EMAIL PROTECTED] wrote:
> Is there anything ordinary that can cause passwords to be changed? I tried
> to log in last night and sshd wouldn't accept either my user's password or
> my root password. When I got physical access this morning, I couldn't log
> into the consol
Incoming from [EMAIL PROTECTED]:
>
> If it was rooted, I need to get some source code off it. Can I just
stick the hard drive in another system, so I can get that source off
of it, and diff it to my backups?
Probably simpler to just boot from a CD and mount the filesystem you
need to get stuff o
Is there anything ordinary that can cause passwords to be changed? I tried to
log in last night and sshd wouldn't accept either my user's password or my root
password. When I got physical access this morning, I couldn't log into the
console either.
So, my first though is that I got rooted, and
Incoming from [EMAIL PROTECTED]:
>
> If it was rooted, I need to get some source code off it. Can I just
stick the hard drive in another system, so I can get that source off
of it, and diff it to my backups?
Probably simpler to just boot from a CD and mount the filesystem you
need to get stuff o
Is there anything ordinary that can cause passwords to be changed? I tried to log in
last night and sshd wouldn't accept either my user's password or my root password.
When I got physical access this morning, I couldn't log into the console either.
So, my first though is that I got rooted, and
20 matches
Mail list logo
