Re: LOGWATCH EXPLOIT ROOT COMPROMISE

From: Ash (ashcrow@phreaker.net)
Date: 03/30/02


Date: Sat, 30 Mar 2002 15:17:31 -0500
From: Ash <ashcrow@phreaker.net>
To: Bailey Kong <bailey@tgpsolutions.com>, security-basics@securityfocus.com

Can we have some linkage? I didn't find any information about it on
logwatch.org or linuxsecurity.com.

Cheers,
Ash

Bailey Kong wrote:

>If you haven't heard yet, the root account can be compromised by a local account
>using logwatch.
>
>The current workaround I got was to chattr +i /etc/passwd
>
>That makes it so /etc/passwd can't be modified; if and when you need to add
>a user, you can simply do chattr -i /etc/passwd
>
>I hope no one has gotten compromised yet.
>
>Bailey