Your message dated Sun, 19 Feb 2012 10:02:37 +0000 with message-id <201202191002.37793.jmv_...@nirgal.com> and subject line Re: webalizer: remote exploit has caused the Debian Bug report #622897, regarding webalizer: remote exploit to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 622897: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=622897 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: webalizer Version: 2.01.10-32.4 Severity: critical Tags: security Justification: root security hole A server I admin running Debian Lenny with the current version of webalizer installed was exploited through webalizer. Once the attackers had a shell, they used an unknown, presumably local, privilege escalation exploit to compromise several system binaries. The escalation happened later; the original attacker installed a phishing site within /var/www/.webalizer. I checked to make absolutely certain, and the version of webalizer running on the system WAS the most current in Lenny repos. It does not show as installed on the system currently, because I nuked it from orbit with great prejudice in the process of reclaiming my system from known good backups. -- System Information: Debian Release: 5.0.8 APT prefers oldstable APT policy: (500, 'oldstable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.26-2-amd64 (SMP w/4 CPU cores) Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/bash Versions of packages webalizer depends on: ii debconf [debcon 1.5.24 Debian configuration management sy ii libc6 2.7-18lenny7 GNU C Library: Shared libraries ii libdb4.5 4.5.20-13 Berkeley v4.5 Database Libraries [ ii libgd2-xpm 2.0.36~rc1~dfsg-3+lenny1 GD Graphics Library version 2 ii libgeoip1 1.4.4.dfsg-3+lenny1 A non-DNS IP-to-country resolver l ii libpng12-0 1.2.27-2+lenny4 PNG library - runtime ii zlib1g 1:1.2.3.3.dfsg-12 compression library - runtime webalizer recommends no packages. Versions of packages webalizer suggests: ii apache2-mpm-prefork [htt 2.2.9-10+lenny9 Apache HTTP Server - traditional n
--- End Message ---
--- Begin Message ---Package: webalizer That report is considered invalid by all comments. Therefore, I'm closing it. It prevents testing migration.signature.asc
Description: This is a digitally signed message part.
--- End Message ---