> Does anyone have anything further on this one. The article gives few
> details.
>
> I wonder if this could be the mysterious Todd vulnerability (8-)
Unless he was reffering to well known vulnerabilities in wuftp and
rpc.statd.
>From my reading on slashdot and securityfocus, this seems to be the same
thing.
It is basically a variant on a rootkit that scans for more redhat machines
infected with wuftp and rpc.statd. ooops did i say infected? i meant
installed. neway, its really just a rootkit + scanner.
Moral of the story is to always keep up to date with security patches (both
have been fixed ages ago) and shut down anthing you don't need.
Hope that helps,
Dave
--
SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
More Info: http://slug.org.au/lists/listinfo/slug
