[Sunhelp] Re: ufsd
Xavier Mertens
xavier at euro.net
Tue May 30 13:12:36 CDT 2000
Hi Kevin,
Uh? No /usr/lib/fs/ufs/ufsd file on my system!?
Have you more info on the hack you explained? I searched for "usfd" on
classical security sites but found nothing!
X
--
Xavier Mertens, . . EuroNet Internet "Contrary to popular belief,
NOC Manager . * a subsidiary of Unix is userfriendly. It
XM3-RIPE XM1-6BONE . France Telecom just happens to be selective
about who it makes friends
with."
On Tue, 30 May 2000, Kevin Maguire wrote:
> Hi
>
> I would check that your system has not been hacked. A recent hacking
> incident here revolved around vulnerabilities in some inetd controlled
> services, such as sadmind,cmsrd,....
>
> Our hacker dropped his own version of /usr/lib/fs/ufs/ufsd into place!
>
> It gave him a root shell prompt.
>
> Do a checksum on this file.
> /usr/lib/fs/ufs/ufsd/usr/lib/fs/ufs/ufsd
> Regards
> Kevin
>
> \\\|///
> \\ - - //
> ( @ @ )
> +---------------------oOOo-(_)-oOOo-------------------------+
> | Kevin Maguire Unix Support |
> | kmaguire at eso.org European Southern Observatory |
> | Tel:+49 (0)89 3200 6387 Karl-Schwarzschild-Strasse 2 |
> | Fax:+49 (0)89 3200 6380 D-85748 Garching bei Muenchen |
> +-----------------------------Oooo--------------------------+
> oooO ( )
> ( ) ) /
> \ ( (_/
> \_)
>
More information about the SunHELP
mailing list