|
Information Security News
mailing list archives
Red Hat hack prompts critical OpenSSH update
From: InfoSec News <alerts () infosecnews org>
Date: Tue, 26 Aug 2008 04:31:36 -0500 (CDT)
http://www.theregister.co.uk/2008/08/22/red_hat_systems_hacked/
By John Leyden
The Register
22nd August 2008
Red Hat has warned that hackers were able to commandeer its systems and
tamper with code - but said that since its content distribution was not
hit, it is confident that polluted code has not served up to users.
The first hint that something was wrong came last week when Fedora
rebuilt its systems, a reconstruction that was accompanied by extended
outages. Red Hat sponsors the Linux distribution. Fortunately Fedora
packages weren't interfered with following the attack, but Red Hat
Enterprise Linux packages were touched up by as yet unidentified
miscreants.
"Last week Red Hat detected an intrusion on certain of its computer
systems and took immediate action," Red Hat said in a critical security
advisory [1] issued on Friday. "While the investigation into the
intrusion is ongoing, our initial focus was to review and test the
distribution channel we use with our customers."
While checks on its content distribution networks came back clean, it
did turn up some problems.
"An intruder was able to sign a small number of OpenSSH packages
relating only to Red Hat Enterprise Linux 4 (i386 and x86_64
architectures only) and Red Hat Enterprise Linux 5 (x86_64 architecture
only).
[1] https://www.redhat.com/archives/fedora-announce-list/2008-August/msg00012.html
[...]
__________________________________________________
Register now for HITBSecConf2008 - Malaysia! With
a new triple-track conference featuring 4 keynote
speakers and over 35 international experts, this
is the largest network security event in Asia and
the Middle East!
http://conference.hackinthebox.org/hitbsecconf2008kl/
 By Date 
By Thread
Current thread:
- Red Hat hack prompts critical OpenSSH update InfoSec News (Aug 26)
|
Intro
