Hacked - FreeBSD 7.1-Release

[Paul Procacci]

 >> But far as rtld vulnerability, doesn't it require at least a local
user account?

No, it requires a script and a kiddie.  ;)  You'd expect your
"index.php" (or similar) files would require a ftp/ssh/telnet
connection, but useful "kids" have useful resources 'n which these
things are not always required.

Anyone can execute any code (apparently) on your machine via the
exploit, having anything they want running on your machine, (i.e. that
can set their env to whatever they want and get access to your machine
pre -p5.

Your safest bet especially since you weren't patched to the latest
FreeBSD version which includes the rtld patch, is to simply not trust
your machine at all; regardless of whether you are patching it now or
not.  I'd personally save your data, reformat the machine, and reinstall
the items you need.

~Cheers

This message may contain confidential or privileged information.  If you are not the intended recipient, please advise us immediately and delete this message.  See http://www.datapipe.com/emaildisclaimer.aspx for further information on confidentiality and the risks of non-secure electronic communication. If you cannot access these links, please notify us by reply message and we will send the contents to you.