Re: AW: AW: [sqlite] SQLite website hacked

2004-06-25 Thread D. Richard Hipp
Matthias Zirngibl wrote: Arg! "cvs -v" tells me 1.11.5, which is ancient. I've been doing apt-get update apt-get upgrade which I thought was suppose to keep me up to date with all security patches. But I guess not Anonymous CVS access has been disabled until I can get this fixed. Som

Re: AW: AW: [sqlite] SQLite website hacked

2004-06-25 Thread D. Richard Hipp
Matthias Zirngibl wrote: Arg! "cvs -v" tells me 1.11.5, which is ancient. I've been doing apt-get update apt-get upgrade which I thought was suppose to keep me up to date with all security patches. But I guess not Anonymous CVS access has been disabled until I can get this fixed. Som

Re: [sqlite] SQLite website hacked

2004-06-25 Thread D. Richard Hipp
Cesare D'Amico wrote: Did you update your kernel (and rebooted) recently? Various vulnerabilities have been discovered during the last months (debian network has been cracked too, some months ago). Kernel version 2.4.26 up 26 days. Attack was 3 days ago. -- D. Richard Hipp -- [EMAIL PROTECTED]

Re: [sqlite] SQLite website hacked

2004-06-25 Thread D. Richard Hipp
Marco Bambini wrote: On 25/giu/04, at 17:34, D. Richard Hipp wrote: 3 days ago, somebody broke into the SQLite website and defaced the CVSTrac homepage. (www.cvstrac.org and www.sqlite.org share the same machine.) You are not alone: http://www.zone-h.org/en/defacements/filter/filter_defacer=Russ

AW: AW: AW: [sqlite] SQLite website hacked

2004-06-25 Thread Matthias Zirngibl
> apt-upgrade is giving me the following error. Can anyone explain? > > > Setting up util-linux (2.11n-7) ... > dpkg: error processing util-linux (--configure): > subprocess post-installation script returned error exit > status 2 Errors were encountered while processing: > util-linux > E: S

Re: AW: [sqlite] SQLite website hacked

2004-06-25 Thread Michael Roth
D. Richard Hipp wrote: Arg! "cvs -v" tells me 1.11.5, which is ancient. I've been doing apt-get update apt-get upgrade which I thought was suppose to keep me up to date with all security patches. But I guess not For Debian 'woody' the latest cvs is 1.11.1p1, for Debian 'sarge' the lat

Re: AW: [sqlite] SQLite website hacked

2004-06-25 Thread Derrell . Lipman
"D. Richard Hipp" <[EMAIL PROTECTED]> writes: > Somebody please instruct me on the proper way to get security > updates for debian Be sure you have the following line in /etc/apt/sources.list and prior to doing "apt-get update ; apt-get upgrade" deb http://security.debian.org/ stable/updat

AW: AW: [sqlite] SQLite website hacked

2004-06-25 Thread Matthias Zirngibl
> Arg! "cvs -v" tells me 1.11.5, which is ancient. I've been doing > > apt-get update > apt-get upgrade > > which I thought was suppose to keep me up to date with all > security patches. But I guess not > > Anonymous CVS access has been disabled until I can get this fixed. > > S

Re: AW: [sqlite] SQLite website hacked

2004-06-25 Thread D. Richard Hipp
Matthias Zirngibl wrote: If you look on this site you see this entry: 2004/06/24 Russel-Aid Hcvs.designcommunity.com FreeBSD Looks like an CVS-server. Besides that it's FreeBSD, so it is unlikely a Linux flaw. Which version of CVS where you using at the time of the attack? Arg! "cvs -v" tel

[sqlite] SQLite website hacked

2004-06-25 Thread kenneth long
I recall, recently the CVS website posting a "security bulletin" They had to entirely rebuild their site. This was because the pserver (cvs bacground server) had a serious security flaw that allowed an attacker to run commands on the host. Here is a link to the details!!! http://www.cve.mitre.org

Re: [sqlite] SQLite website hacked

2004-06-25 Thread Cesare D'Amico
Alle 17:34, venerdì 25 giugno 2004, D. Richard Hipp ha scritto: > Anybody have any clues how an attacker might have gotten in? > Does anybody have any advice on how best to secure the system? Did you update your kernel (and rebooted) recently? Various vulnerabilities have been discovered during t

AW: [sqlite] SQLite website hacked

2004-06-25 Thread Matthias Zirngibl
> On 25/giu/04, at 17:34, D. Richard Hipp wrote: > > > 3 days ago, somebody broke into the SQLite website and defaced the > > CVSTrac homepage. (www.cvstrac.org and www.sqlite.org > share the same > > machine.) > > You are not alone: > http://www.zone-h.org/en/defacements/filter/filter_defac

Re: [sqlite] SQLite website hacked

2004-06-25 Thread Marco Bambini
On 25/giu/04, at 17:34, D. Richard Hipp wrote: 3 days ago, somebody broke into the SQLite website and defaced the CVSTrac homepage. (www.cvstrac.org and www.sqlite.org share the same machine.) You are not alone: http://www.zone-h.org/en/defacements/filter/filter_defacer=Russel-Aid/ Details at: h

Re: [sqlite] SQLite website hacked

2004-06-25 Thread Louis P. Santillan
It looks like you were not the only person to have their webserver hacked . Since you are running an "atypical" web server, chances are the cracker got in with either a Linux root kit, a ssh fl

[sqlite] SQLite website hacked

2004-06-25 Thread D. Richard Hipp
3 days ago, somebody broke into the SQLite website and defaced the CVSTrac homepage. (www.cvstrac.org and www.sqlite.org share the same machine.) I do not know how the attacker got in. The message left on the homepage of www.cvstrac.org was "Rooted by Russel-Aid'. www.sqlite.org runs a minimal De