Re: List /home directory without logging in?
From: Steve Kemp (spam_at_steve.org.uk)
Date: 07/05/04
- Next message: Jem Berkes: "Re: List /home directory without logging in?"
- Previous message: Bit Twister: "Re: List /home directory without logging in?"
- In reply to: Alan Baker: "List /home directory without logging in?"
- Next in thread: Jem Berkes: "Re: List /home directory without logging in?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 5 Jul 2004 04:14:59 -0700
alanwbaker@yahoo.com (Alan Baker) wrote in message news:<4e2aa94d.0407042219.3a9d19c9@posting.google.com>...
> Someone recently tried to log into all the userids on my Linux box.
> First they connected several times via http, telnet, ftp, pop3, and
> imap but were unsuccessful in logging in. Then they tried every
> userid twice in alphabetical order via SSH. Also unsuccessfully.
> (Use those strong passwords, friends!)
>
> They didn't actually use the names in /etc/passwd, but instead tried
> all directory names under /home (including non-users like lost+found).
> This makes me wonder if the preliminary probes revealed /home's
> directory list.
>
> How could someone list /home without logging in? Is there a known
> vuln I'm missing?
I'd imagine that the most likely cause of this is an exploitable hole
in a CGI script, or other web application installed upon your machine.
This should be simple to test for - if you have the Apache logs then
you can look for lines that contain "../home" or similar.
Steve
-- # The Debian Security Audit Project. http://www.debian.org/security/audit
- Next message: Jem Berkes: "Re: List /home directory without logging in?"
- Previous message: Bit Twister: "Re: List /home directory without logging in?"
- In reply to: Alan Baker: "List /home directory without logging in?"
- Next in thread: Jem Berkes: "Re: List /home directory without logging in?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
