Re: Rooted, .haos on system

• Previous message: zeno: "Re: Rooted, .haos on system"
• In reply to: Carlos Eduardo Pedroza Santiviago: "Re: Rooted, .haos on system"
• Next in thread: David Gillett: "New CIFS (port 445) worm?"
• Reply: David Gillett: "New CIFS (port 445) worm?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: Damian Gerow <damian@sentex.net>
To: incidents@securityfocus.com
Date: 16 Dec 2002 16:36:46 -0500

On Mon, 2002-12-16 at 15:31, Carlos Eduardo Pedroza Santiviago wrote:
> No, for me this looks like:
> epc -> ptrace local exploit
> su -> su local exploit
>
> They're old ***, and i guess your system wasn't updated.

(In case you missed the original post, this was a customer system, not
one of mine. We are currently giving the customer heck for not keeping
up-to-date.)

I also didn't look too closely at the contents of loc.tgz, as I wasn't
too concerned as what they were. However, I have since been informed of
the above (numerous times), and how to contact the people who wrote it,
and the people who cracked the system.

Thanks to all who helped out. I've gotten about as much information on
this as I could possibly need.

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com

• Next message: H C: "Re: Win2k Audit Logs - What happened here?"
• Previous message: zeno: "Re: Rooted, .haos on system"
• In reply to: Carlos Eduardo Pedroza Santiviago: "Re: Rooted, .haos on system"
• Next in thread: David Gillett: "New CIFS (port 445) worm?"
• Reply: David Gillett: "New CIFS (port 445) worm?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]