LOGWATCH EXPLOIT ROOT COMPROMISE
From: Bailey Kong (bailey@tgpsolutions.com)Date: 03/29/02
- Previous message: Craig Skelton: "RE: Disk Wiping Utilities"
- In reply to: Nicola Cuomo: "Remote service start: Ntrights"
- Next in thread: Ash: "Re: LOGWATCH EXPLOIT ROOT COMPROMISE"
- Reply: Ash: "Re: LOGWATCH EXPLOIT ROOT COMPROMISE"
- Reply: jon schatz: "Re: LOGWATCH EXPLOIT ROOT COMPROMISE"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Bailey Kong" <bailey@tgpsolutions.com> To: <security-basics@securityfocus.com> Date: Thu, 28 Mar 2002 22:14:14 -0800
if you haven't heard yet, root account can be compromised by a local account
using logwatch.
the current work around i got was to chattr +i /etc/passwd
that makes it so /etc/passwd can't be modified, if and when you need to add
a user you can simply do chattr -i /etc/passwd
i hope no one has gotten compromised yet
Bailey
- Previous message: Craig Skelton: "RE: Disk Wiping Utilities"
- In reply to: Nicola Cuomo: "Remote service start: Ntrights"
- Next in thread: Ash: "Re: LOGWATCH EXPLOIT ROOT COMPROMISE"
- Reply: Ash: "Re: LOGWATCH EXPLOIT ROOT COMPROMISE"
- Reply: jon schatz: "Re: LOGWATCH EXPLOIT ROOT COMPROMISE"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
