[SECURITY] Some Debian Project machines have been compromised

From: Martin Schulze (joey_at_infodrom.org)
Date: 11/21/03

    Date: Fri, 21 Nov 2003 17:46:47 +0100
    To: bugtraq@securityfocus.com
    
    

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    - ------------------------------------------------------------------------
    Debian Security Advisory http://www.debian.org/security/
    Some Debian Project machines compromised security@debian.org
    November 21st, 2003 debian-security-announce@lists.debian.org
    - ------------------------------------------------------------------------

    Some Debian Project machines have been compromised

    This is a very unfortunate incident to report about. Some Debian
    servers were found to have been compromised in the last 30 hours.

    The archive is not affected by this compromise!

    The security server is not yet restored and security updates are
    currently not available.

    In particular the following machines have been affected:

      . master (Bug Tracking System)
      . murphy (mailing lists)
      . gluck (web, cvs)
      . klecker (security, non-us, web search, www-master, qa)

    Some of these services are currently not available as the machines
    undergo close inspection. Some services have been moved to other
    machines (www.debian.org for example).

    The security archive will be verified from trusted sources before it
    will become available again.

    Please note that we have recently prepared a new point release for
    Debian GNU/Linux 3.0 (woody), release 3.0r2. While it has not been
    announced yet, it has been pushed to our mirrors already. The
    announcement was scheduled for this morning but had to be postponed.
    This update has now been checked and it is not affected by the
    compromise.

    We apologise for the disruptions of some services over the next few
    days. We are working on restoring the services and verifying the
    content of our archives.

    Contact Information
    - -------------------

    For further information, please visit the Debian web pages at
    <http://www.debian.org/> or send mail to <press@debian.org>.

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.2.3 (GNU/Linux)

    iD4DBQE/vkFtW5ql+IAeqTIRApL5AJjT8aptDgGwDV+5diAwFJo9M1lnAKCg46pU
    D2oP7vcGYBJF0hFSD5YU6Q==
    =7brj
    -----END PGP SIGNATURE-----

