Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.os.linux.security > #254
| From | Homer <usenet@slated.org> |
|---|---|
| Newsgroups | comp.os.linux.advocacy, comp.os.linux.security |
| Subject | Proprietary software vulnerability causes rootkit injection |
| Date | 2013-02-23 03:57 +0000 |
| Organization | Slated.org |
| Message-ID | <m9rlv9-rrv.ln1@sky.matrix> (permalink) |
| References | <kg7m30$6su$1@dont-email.me> <kg85us$t04$1@dont-email.me> |
Cross-posted to 2 groups.
Verily I say unto thee that Lusotec spake thusly: > > Chris Ahlstrom wrote: > >> https://isc.sans.edu/diary/SSHD+rootkit+in+the+wild/15229 >> >> SSHD rootkit in the wild >> Published: 2013-02-21, >> Last Updated: 2013-02-22 09:23:59 UTC >> >> There are a lot of discussions at the moment about a SSHD rootkit >> hitting mainly RPM based Linux distributions. >> Thanks to our reader unSpawn, we received a bunch of samples of the >> rootkit. The rootkit is actually a trojanized library that links with >> SSHD and does *a lot* of nasty things to the system. > > Here are some more interesting information on that. > http://www.webhostingtalk.com/showthread.php?t=1235797 From the available evidence it seems this security breach was cause by a proprietary application called CPanel, a notoriously insecure Web interface for configuring servers. Yet another good reason to choose Free Software. (Subject corrected.) -- K. | "You see? You cannot kill me. There is no flesh http://slated.org | and blood within this cloak to kill. There is Fedora 8 (Werewolf) on šky | only an idea. And ideas are bulletproof." kernel 2.6.31.5, up 122 days | ~ V for Vendetta.
Back to comp.os.linux.security | Previous | Next — Previous in thread | Next in thread | Find similar
Re: SSHD rootkit heads up Lusotec <nomail@nomail.not> - 2013-02-22 16:22 +0000
Re: SSHD rootkit heads up "Cola Zealot" <Cola_Zealot@fuckoff.com> - 2013-02-22 19:27 +0100
Re: SSHD rootkit heads up JEDIDIAH <jedi@nomad.mishnet> - 2013-02-22 13:50 -0600
Re: SSHD rootkit heads up Snit <usenet@gallopinginsanity.com> - 2013-02-22 21:11 -0700
Proprietary software vulnerability causes rootkit injection Homer <usenet@slated.org> - 2013-02-23 03:57 +0000
Re: Proprietary software vulnerability causes rootkit injection Snit <usenet@gallopinginsanity.com> - 2013-02-23 10:04 -0700
Re: Proprietary software vulnerability causes rootkit injection "Cola Zealot" <Cola_Zealot@fuckoff.com> - 2013-02-23 22:39 +0100
Re: Proprietary software vulnerability causes rootkit injection Snit <usenet@gallopinginsanity.com> - 2013-02-23 15:25 -0700
Re: Proprietary software vulnerability causes rootkit injection "Cola Zealot" <Cola_Zealot@fuckoff.com> - 2013-02-24 11:34 +0100
Re: Proprietary software vulnerability causes rootkit injection fuyang <cei@mail.huafeng.cma.gov.cn> - 2013-02-24 14:00 +0100
Re: Linux vulnerability causes rootkit injection "Cola Zealot" <Cola_Zealot@fuckoff.com> - 2013-02-24 16:42 +0100
Re: Linux vulnerability causes rootkit injection Hadron<hadronquark@gmail.com> - 2013-02-24 16:48 +0100
Re: Linux vulnerability causes rootkit injection "Ezekiel" <zeke@nosuchemail.com> - 2013-02-24 10:55 -0500
Re: Linux vulnerability causes rootkit injection GreyCloud <mist@cumulus.com> - 2013-02-24 09:34 -0700
Re: Linux vulnerability causes rootkit injection Denis McMahon <denismfmcmahon@gmail.com> - 2013-03-07 05:45 +0000
Re: Linux vulnerability causes rootkit injection Jim Beard <jdbeard@patriot.net> - 2013-03-07 10:05 -0500
Re: Linux vulnerability causes rootkit injection GreyCloud <mist@cumulus.com> - 2013-03-07 12:36 -0700
csiph-web