[expert] I'VE BEEN HACKED!!! Need upgraded wu-ftp for 7.1

Tue, 28 Nov 2000 18:54:20 -0800 

Hi gang,

Last night, my webserver machine (Mandrake 7.1) was "defaced".  The 
hacker got root access, and uploaded a script that went into every 
virtual host and replaced the index.htm(l) file with his own file.  His 
"defacement" included his email, and a link to his site: 
http://rsh.defacements.com

I sent the guy an email saying "thanks a lot pal... how did you do 
that?"  He replied:

> Yeah, I'm really sorry about wiping out your index files, there were quite 
> a few sites, and I didn't want to do it all by hand, so I made a script 
> for it, and I guess I coded it wrong, and it didn't copy the index's like 
> it was suppose to. Please except my apologies. Well, I got in using a big 
> hole in wuftpd 2.6.0(1), you should never use that, it's been a known vulnerability 
> since 1999. Again, I'm sorry. Take it easy,
> Scurvy.

I did the Mandrake-update thing, and updated wu-ftp, but it still is 
version 2.6.0(1).  I see there is a 2.6.1 rpm, I believe for version 
7.2.   I tried installing it, but it says it depends on XINTED.  I 
snagged that, but it says:
 /etc/init.d is needed by xinetd-2.1.8.9pre13-4mdk
        rpmlib(PayloadFilesHavePrefix) <= 4.0-1 is needed by xinetd-2.1.8.9pre13-4mdk
        libc.so.6(GLIBC_2.2) is needed by xinetd-2.1.8.9pre13-4mdk
        rpmlib(CompressedFileNames) <= 3.0.4-1 is needed by xinetd-2.1.8.9pre13-4mdk 

I tried installing INITSCRIPTS (the /etc/init.d), but it says:
 /etc/init.d is needed by xinetd-2.1.8.9pre13-4mdk
        rpmlib(PayloadFilesHavePrefix) <= 4.0-1 is needed by xinetd-2.1.8.9pre13
-4mdk
        libc.so.6(GLIBC_2.2) is needed by xinetd-2.1.8.9pre13-4mdk
        rpmlib(CompressedFileNames) <= 3.0.4-1 is needed by xinetd-2.1.8.9pre13-4mdk
[root@main /tmp]# rpm -ihv initscripts-5.27-38mdk.i586.rpm
error: failed dependencies:
        rpmlib(PayloadFilesHavePrefix) <= 4.0-1 is needed by initscripts-5.27-38mdk
        rpmlib(CompressedFileNames) <= 3.0.4-1 is needed by initscripts-5.27-38mdk 

So... what can a 7.1 user do to get the wu-ftp 2.6.1???

Please CC your reply directly to me: mailto:[EMAIL PROTECTED]

THanks!

Bob


Keep in touch with http://mandrakeforum.com: 
Subscribe the "[EMAIL PROTECTED]" mailing list.

Reply via email to