[ISN] Debian server hacked

From: InfoSec News (alerts@private)
Date: Thu Jul 13 2006 - 01:15:52 PDT


By Renai LeMay
ZDNet Australia
13 July 2006

The Debian GNU/Linux project today admitted a hacker had compromised one 
of its internal servers.

"Early this morning we discovered that someone had managed to compromise 
gluck.debian.org," Debian developer James Troup wrote in an e-mail to the 
Debian community shortly before 4am AEST.

"We've taken the machine offline and are preparing to reinstall it," Troup 
continued, noting a number of key services were currently offline as a 

The developer said Debian had initiated a security lock-down on most of 
its other servers, enforcing limited access to the resources.

"We're still investigating exactly what happened and the extent of the 
damage. We'll post more info as soon as we reasonably can," Troup said.

Troup added Debian would commence securing its other servers from "what we 
suspect is the exploit used to compromise gluck".

The embarrassing security breach is not the first for Debian.

In November 2003 several of Debian's servers were similarly compromised 
and pulled offline. Troup was also one of the key developers investigating 
that incident.

ZDNet Australia has requested comment from the Debian Project about this 
morning's security breach.
