[1011] in linux-security and linux-alert archive
[linux-security] qmail,wu.ftpd,deslogind, in.telnetsnoopd ?
daemon@ATHENA.MIT.EDU (Frank Parato)
Fri Aug 16 14:12:00 1996
Date: Tue, 13 Aug 1996 10:39:31 -0400 (EDT)
From: Frank Parato <fparato@gti.net>
To: linux-security@tarsier.cv.nrao.edu
Hello, I'm very new to this mailing list, so forgive me if I ask
questions about things that have already been discussed. However my
system was recently invaded by a complete outsider. The daemons above are
the only ones that are running on my machine. Does anyone know of any
security holes that give the exploiter root on any of the above daemons ?
qmail has the basic setup, I did not hear of any security holes in qmail
so all that was changed were local configurations
wu.ftpd does allow anonymous connections, it has its own bin directory,
(not /usr/bin), and the site exec option seems that it is non-functional.
deslogind hasn't been used in a long time, and was not compiled with -O2.
other that that.. I doubt theres a security hole in in.telnetsnoopd.
Anyone have any suggestions or ideas ?
Thanks
Frank Parato