Re: Wu-ftpd 2.6.2

From: Przemyslaw Frasunek (venglinat_private)
Date: Fri Apr 19 2002 - 14:47:33 PDT

Next message: Weber, Markus: "Anyone caught a packet of ... ?"

Previous message: Dan Irwin: "illogic rootkit"
In reply to: Costas Karafasoulis: "Wu-ftpd 2.6.2"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

"Costas Karafasoulis" <karafasat_private-t.gr> napisal(a):

>   - 15 days ago it was hacked through wu-ftpd 2.6.1 and the attacker
> patched the system to wu-ftpd 2.6.2 
>     (he had transferred his binary files for wu-ftpd 2.6.2, so I can
> not

According to the logs, system was compromised by exploiting SITE EXEC
formatting vulnerability present in wu-ftpd 2.6.0 (patched June 2000).

-- 
* Fido: 2:480/124 ** WWW: http://www.frasunek.com/ ** NIC-HDL: PMF9-RIPE *
* Inet: przemyslawat_private ** PGP: D48684904685DF43EA93AFA13BE170BF *

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Next message: Weber, Markus: "Anyone caught a packet of ... ?"
Previous message: Dan Irwin: "illogic rootkit"
In reply to: Costas Karafasoulis: "Wu-ftpd 2.6.2"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 19 2002 - 18:35:28 PDT