|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Security Admin (security
cyberlink.ch)Date: Mon Jun 24 2002 - 08:03:14 CDT
On Thu, Jun 20, 2002 at 06:06:03PM -0400, Klaus, Chris (ISSAtlanta) wrote:
> 3) ISS was not aware of other researchers discovering this
> vulnerability nor aware of it in the wild at the time of the release of the
> advisory.
We've got reason to believe that this was already known to some
black hats by April the 19th. For linux on intel.
A Friend of mine had a machine compromised on April 19. The intruder
managed to get a shell as user www-data. He hadn't any leads on how
the break-in happened, except for a few thousand lines in the logfile
like this:
[Fri Apr 19 11:06:35 2002] [notice] child pid 25613 exit signal
Segmentation fault (11)
Incidentally, this corresponds to the effect the exploit from
gobbles shows.
Peter Keel
-- Operator in charge for Security Tel +41 1 287 2992 Cyberlink Internet Services AG Fax +41 1 287 2991 Richard Wagnerstrasse 6 admin
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]