From owner-freebsd-security Fri Dec 1 2:43:44 2000 Delivered-To: freebsd-security@freebsd.org Received: from guardian.hermes.si (guardian.hermes.si [193.77.5.150]) by hub.freebsd.org (Postfix) with ESMTP id 3A98C37B400 for ; Fri, 1 Dec 2000 02:43:40 -0800 (PST) Received: from hermes.si (primus.hermes.si [193.77.5.98]) by guardian.hermes.si (8.9.3/8.9.3) with ESMTP id LAA02702 for ; Fri, 1 Dec 2000 11:43:33 +0100 (MET) Received: (from uucp@localhost) by hermes.si (8.9.3/8.9.3) id LAA18626 for ; Fri, 1 Dec 2000 11:43:31 +0100 Received: from hal9000.hermes.si(10.17.5.136) by primus.hermes.si via smap (V2.1) id xma017039; Fri, 1 Dec 00 11:42:21 +0100 Received: by hal9000.hermes.si with Internet Mail Service (5.5.2650.21) id ; Fri, 1 Dec 2000 11:42:22 +0100 Message-ID: From: Matjaz Martincic To: freebsd-security@FreeBSD.ORG Subject: RE: Important!! Vulnerability in standard ftpd Date: Fri, 1 Dec 2000 11:42:20 +0100 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org If that is really a remote vulnerability, that is definitely not good at all. Are you having any local accounts on your machine Alexandr? That gives more chance that the machine was hacked some other way. rgds, Matjaz ---------------------- Nevermind wrote: > dirs. I'm 100% sure that it is hack. I've been hacked few month ago this way. > (with standard ftpd) Humm. Any evidence about the actual mechanism used to hack your machine? This is a very serious claim! Borja. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message