Date: Fri, 31 Aug 2001 22:10:19 +0000 From: "The Marino's" <postroad@mediaone.net> To: freebsd-security@freebsd.org Subject: Tagged by Spissatus Message-ID: <3B900B4B.119FBA2F@mediaone.net>
next in thread | raw e-mail | index | archive | help
I was configuring a new server and foolishly put it on the wire while I
was configuring. Anonymous ftp was enabled and I got an Upload that was
a nasty directory tree with some Divx files;
Tagged:
By Spissatus:
Scan by Riot 667
Upload by spissatus
Dx2 Missing files
Deep Blue Sea:
Lots of DiVX files.
Is this as simple as it looks or is this a deeper exploit that may have
comprimised any user accounts?? I yanked out world write access but it
came back a few hours later. The GID of the ftp user is 5(operator) and
the /var/ftp directory is root:operator. Is that normal for a 4.3-stable
release out of the box or have they gotten enough information to run
"chown" and "chmod"?
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3B900B4B.119FBA2F>