Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Rooted, .haos on system

From: Julian Young <julian.young () nl compuware com>
Date: 17 Dec 2002 09:14:00 +0100
Damian,
 
        I am new at this so please pardon my ignorance. I see that the left a
 signature and email address , OK so you could contact them, but what
 would you say and what good would it do ?
 
 On fixed IP systems I have tended to avoid contact to avoid becoming a
 target rather than a random causality.
 
 Julian  
 
 On Mon, 2002-12-16 at 22:36, Damian Gerow wrote:

On Mon, 2002-12-16 at 15:31, Carlos Eduardo Pedroza Santiviago wrote:

No, for me this looks like:
   epc -> ptrace local exploit
   su -> su local exploit



They're old shit, and i guess your system wasn't updated.


(In case you missed the original post, this was a customer system, not
one of mine.  We are currently giving the customer heck for not keeping
up-to-date.)

I also didn't look too closely at the contents of loc.tgz, as I wasn't
too concerned as what they were.  However, I have since been informed of
the above (numerous times), and how to contact the people who wrote it,
and the people who cracked the system.

Thanks to all who helped out.  I've gotten about as much information on
this as I could possibly need.

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

 



----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com
Previous By Date Next
Previous By Thread Next

Current thread: