From owner-freebsd-security  Fri Dec  1  2:47:41 2000
Delivered-To: freebsd-security@freebsd.org
Received: from nevermind.kiev.ua (unknown [212.109.53.33])
	by hub.freebsd.org (Postfix) with ESMTP id 7794A37B400
	for <freebsd-security@FreeBSD.ORG>; Fri,  1 Dec 2000 02:47:37 -0800 (PST)
Received: (from never@localhost)
	by nevermind.kiev.ua (8.11.1/8.11.1) id eB1AlDO30695;
	Fri, 1 Dec 2000 12:47:13 +0200 (EET)
	(envelope-from never)
Date: Fri, 1 Dec 2000 12:47:13 +0200
From: Nevermind <never@nevermind.kiev.ua>
To: Matjaz Martincic <matjaz.martincic@hermes.si>
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: Important!! Vulnerability in standard ftpd
Message-ID: <20001201124713.K2185@nevermind.kiev.ua>
References: <EA63CEA50DF8D311ABAD00B0D0211732211A09@hal9000.hermes.si>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <EA63CEA50DF8D311ABAD00B0D0211732211A09@hal9000.hermes.si>; from matjaz.martincic@hermes.si on Fri, Dec 01, 2000 at 11:42:20AM +0100
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Hello, Matjaz Martincic!

On Fri, Dec 01, 2000 at 11:42:20AM +0100, you wrote:

> If that is really a remote vulnerability, that is definitely not good at
> all. Are you having any local accounts on your machine Alexandr? That gives
> more chance that the machine was hacked some other way.
No, I had only trusted non-anonymous ftp accounts. And sure, very-trusted shell
accounts. All of them have full sudo, but all of us were using only ssh,
telnetd was closed, noone accessed to non-anonymous ftp from outside network.


> Nevermind wrote:
> > dirs. I'm 100% sure that it is hack. I've been hacked few month ago this
> way.
> > (with standard ftpd)
> 
>         Humm. Any evidence about the actual mechanism used to hack your
> machine? This is a very serious claim!
> 
>         Borja.
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message

-- 
Alexandr P. Kovalenko	http://nevermind.kiev.ua/
NEVE-RIPE


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message