Security Incidents mailing list archives

Re: Am I Hacked??


From: fernando () BN PT (Fernando Cardoso)
Date: Mon, 15 May 2000 10:32:39 +0100


There are at least 6 buffer overflow exploits for ProFTPd in
Packetstorm...

Fernando

-----Original Message-----
From: zoo11 () 3DBOT COM [mailto:zoo11 () 3DBOT COM]
Sent: Friday, 12 May 2000 5:57
To: INCIDENTS () SECURITYFOCUS COM
Subject: Am I Hacked??


Hi all.

I'm relatively new to this field (sys admin and security).
I've found this in my syslog.

May  8 02:34:19 ns proftpd[22670]: FTP session opened: stock/users 202.79.159.5[202.79.159.5]
May  8 02:38:16 ns proftpd[22687]: FTP session opened: stock/users ns.3dbot.com[211.32.116.200]
May  8 02:38:18 ns proftpd[22687]: reallocating sreaddir buffer from 2816 bytes to 5632 bytes.
May  8 02:38:20 ns proftpd[22687]: reallocating sreaddir buffer from 1280 bytes to 2560 bytes.
May  8 02:38:23 ns proftpd[22687]: reallocating sreaddir buffer from 2304 bytes to 4608 bytes.
May  8 02:38:28 ns proftpd[22687]: reallocating sreaddir buffer from 1792 bytes to 3584 bytes.
May  8 02:38:29 ns proftpd[22687]: reallocating sreaddir buffer from 2816 bytes to 5632 bytes.
May  8 02:38:32 ns proftpd[22687]: Warning, attempt to overflow internal ProFTPD buffers.
May  8 02:38:49 ns last message repeated 20457 times

I also found that a connection had been established from an unknown
system (maybe phili).
Are there any exploits for a ProFTPD buffer overflow?
Thanks for your help.
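
Added example (not part of the original messages): a Python sketch that totals the overflow warnings in the syslog excerpt above per proftpd PID, including the duplicates syslog folds into "last message repeated N times", and ties each total to that PID's session-open line. The function name `overflow_report` and the field names are assumptions of this example; the sample is the post's own log with the mail line-wraps re-joined.

```python
import re
from collections import defaultdict

# Excerpt of the syslog lines quoted in the post, mail line-wraps re-joined.
SAMPLE = """\
May  8 02:34:19 ns proftpd[22670]: FTP session opened: stock/users 202.79.159.5[202.79.159.5]
May  8 02:38:16 ns proftpd[22687]: FTP session opened: stock/users ns.3dbot.com[211.32.116.200]
May  8 02:38:18 ns proftpd[22687]: reallocating sreaddir buffer from 2816 bytes to 5632 bytes.
May  8 02:38:32 ns proftpd[22687]: Warning, attempt to overflow internal ProFTPD buffers.
May  8 02:38:49 ns last message repeated 20457 times
"""

# timestamp, host, optional "proftpd[pid]: " tag, message
LINE = re.compile(r"^\w{3}\s+\d+ [\d:]+ (\S+) (?:proftpd\[(\d+)\]: )?(.*)$")
OPENED = re.compile(r"FTP session opened: (\S+) (\S+)\[\s*([\d.]+)\]")
REPEAT = re.compile(r"last message repeated (\d+) times")
OVERFLOW = "attempt to overflow internal ProFTPD buffers"

def overflow_report(text):
    """Map pid -> session details plus total overflow warnings (hypothetical helper)."""
    sessions, counts, last = {}, defaultdict(int), {}
    for raw in text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        host, pid, msg = m.groups()
        rep = REPEAT.fullmatch(msg) if pid is None else None
        if rep:
            # syslog folds duplicates; charge them to the previous line from this host
            pid, msg = last.get(host, (None, ""))
            n = int(rep.group(1))
        else:
            n = 1
            last[host] = (pid, msg)
        if pid is None:
            continue  # not a proftpd line, or a repeat with nothing to attribute it to
        opened = OPENED.search(msg)
        if opened and not rep:
            sessions[pid] = dict(zip(("who", "host", "ip"), opened.groups()))
        elif OVERFLOW in msg:
            counts[pid] += n
    return {pid: {**sessions.get(pid, {}), "warnings": c} for pid, c in counts.items()}

if __name__ == "__main__":
    for pid, info in overflow_report(SAMPLE).items():
        print(pid, info)
```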


