|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Intresting problem concerning libresolv.so.2
From: Kevin Reardon (Kevin.Reardon
oracle.com)
Date: Thu Apr 17 2003 - 19:05:22 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Someone recompiled something?
---K
Sam Evans wrote:
> I've run into an interesting dilema with a machine that's running Solaris
> 8.. It would appear as if the /usr/lib/libresolv.so.2 file changed, but
> didn't really change..
>
> What I mean is this.. We run Tripwire on this box, and Tripwire reported
> that the hash sums were different than what it expected. Everything else
> was the same (timestamps, inode, block values, etc). This would indicate
> that the contents changed inside the file..
>
> What's also interesting is that this is the *only* file that was listed in
> the tripwire report for the day. Nothing else changed (at least according
> to Tripwire).
>
> Anyone have any thoughts on this? For what it's worth the box does run
> sendmail, and was patched for the March vulnerability, but not the April
> vulnerability.
>
> Thanks,
> Sam
>
> ----------------------------------------------------------------------------
> Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the
> world's premier event for IT and network security experts. The two-day
> Training features 6 hand-on courses on May 12-13 taught by professionals.
> The two-day Briefings on May 14-15 features 24 top speakers with no vendor
> sales pitches. Deadline for the best rates is April 25. Register today to
> ensure your place. http://www.securityfocus.com/BlackHat-incidents
> ----------------------------------------------------------------------------
----------------------------------------------------------------------------
Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the
world's premier event for IT and network security experts. The two-day
Training features 6 hand-on courses on May 12-13 taught by professionals.
The two-day Briefings on May 14-15 features 24 top speakers with no vendor
sales pitches. Deadline for the best rates is April 25. Register today to
ensure your place. http://www.securityfocus.com/BlackHat-incidents
----------------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]