Hacked - FreeBSD 7.1-Release
mkushnir at lohika.com
Thu Dec 10 10:28:06 UTC 2009
As long as you have to re-install everything from scratch, you can
consider installing 8.0 and having your services jailed. The new jail is
announced to be much improved.
Paul Procacci wrote:
> >> But far as rtld vulnerability, doesn't it require at least a local
> user account?
> No, it requires a script and a kiddie. ;) You'd expect your
> "index.php" (or similar) files would require a ftp/ssh/telnet
> connection, but useful "kids" have useful resources 'n which these
> things are not always required.
> Anyone can execute any code (apparently) on your machine via the
> exploit, having anything they want running on your machine, (i.e. that
> can set their env to whatever they want and get access to your machine
> pre -p5.
> Your safest bet especially since you weren't patched to the latest
> FreeBSD version which includes the rtld patch, is to simply not trust
> your machine at all; regardless of whether you are patching it now or
> not. I'd personally save your data, reformat the machine, and reinstall
> the items you need.
> This message may contain confidential or privileged information. If you are not the intended recipient, please advise us immediately and delete this message. See http://www.datapipe.com/emaildisclaimer.aspx for further information on confidentiality and the risks of non-secure electronic communication. If you cannot access these links, please notify us by reply message and we will send the contents to you.
> freebsd-stable at freebsd.org mailing list
> To unsubscribe, send any mail to "freebsd-stable-unsubscribe at freebsd.org"
More information about the freebsd-stable