|
Security Incidents
mailing list archives
DU4.0D FTPd hacked
From: Jose Nazario <jose () BIOCSERVER BIOC CWRU EDU>
Date: Fri, 3 Nov 2000 16:18:17 -0500
hi all,
had a machine compromised on campus last week. it was a DEC UNIX 4.0D
machine, and had had the usual rounds of patches applied. compromise was
believed to have been through the FTP daemon (shipped with the OS, from
Digital), which was running anonymous FTP service (the machine is a file
server for a small field of research).
i am unable to see anything about the recent problems with string format
vulnerabilities (but would not be surprised if DU's FTPd was vulnerable to
this attack), or buffer overflows. these advisories are the closest i have
turned up:
http://packetstorm.securify.com/advisories/cert-nl/1998/S-98-27.asc
http://packetstorm.securify.com/advisories/cert-nl/1998/S-98-24.asc
http://packetstorm.securify.com/advisories/cert-nl/1998/S-98-26.asc
anyone know of any DU4.0D FTPd hacks out there? thanks.
jose nazario jose () cwru edu
PGP: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80
PGP key ID 0xFD37F4E5 (pgp.mit.edu)
 By Date 
By Thread
Current thread:
- DU4.0D FTPd hacked Jose Nazario (Nov 05)
|
Intro
