Security Incidents mailing list archives
Re: cron exploit?
From: Pavel Kankovsky <peak () argo troja mff cuni cz>
Date: Mon, 29 Sep 2003 19:26:53 +0200 (MET DST)
On Sun, 28 Sep 2003, Jeremy Hanmer wrote:
We just had a Debian (Woody) box get rooted, apparently by a cron exploit mentioned here: http://www.codon.org.uk/~mjg59/kern/jmb73bash
It appears someone unprivileged managed to put a new file into /etc/cron.daily, right? I would not call it a cron exploit because it was an "improper filesystem permissions exploit". --Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ] "Resistance is futile. Open your source code and prepare for assimilation." --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- cron exploit? Jeremy Hanmer (Sep 29)
- Re: cron exploit? Pavel Kankovsky (Sep 29)
- Re: cron exploit? Matt Zimmerman (Sep 29)
- Re: cron exploit? Jeremy Hanmer (Sep 29)
- Re: cron exploit? Barry Fitzgerald (Sep 29)
- Re: cron exploit? Jeremy Hanmer (Sep 29)
- Re: cron exploit? Matt Zimmerman (Sep 29)
- Re: cron exploit? Jeremiah Cornelius (Sep 30)
- Re: cron exploit? Tim Greer (Sep 30)
- Re: cron exploit? Jeremy Hanmer (Sep 29)
- Re: cron exploit? Matt Zimmerman (Sep 29)