http://www.theregister.co.uk/2008/08/22/red_hat_systems_hacked/ By John Leyden The Register 22nd August 2008 Red Hat has warned that hackers were able to commandeer its systems and tamper with code - but said that since its content distribution was not hit, it is confident that polluted code has not served up to users. The first hint that something was wrong came last week when Fedora rebuilt its systems, a reconstruction that was accompanied by extended outages. Red Hat sponsors the Linux distribution. Fortunately Fedora packages weren't interfered with following the attack, but Red Hat Enterprise Linux packages were touched up by as yet unidentified miscreants. "Last week Red Hat detected an intrusion on certain of its computer systems and took immediate action," Red Hat said in a critical security advisory [1] issued on Friday. "While the investigation into the intrusion is ongoing, our initial focus was to review and test the distribution channel we use with our customers." While checks on its content distribution networks came back clean, it did turn up some problems. "An intruder was able to sign a small number of OpenSSH packages relating only to Red Hat Enterprise Linux 4 (i386 and x86_64 architectures only) and Red Hat Enterprise Linux 5 (x86_64 architecture only). [1] https://www.redhat.com/archives/fedora-announce-list/2008-August/msg00012.html [...] __________________________________________________ Register now for HITBSecConf2008 - Malaysia! With a new triple-track conference featuring 4 keynote speakers and over 35 international experts, this is the largest network security event in Asia and the Middle East! http://conference.hackinthebox.org/hitbsecconf2008kl/Received on Tue Aug 26 2008 - 02:31:36 PDT
This archive was generated by hypermail 2.2.0 : Tue Aug 26 2008 - 02:34:29 PDT