I wasa running a much older version of apache and openssl that i thought were ok but nooooooooo I guess this hack works with even the old stuff. I also didnt think somebody would be interested in my little private home email and web server. Oh well I learned my lesson. Now I ogts to go and get the apache, openssl, and the modssl patches.
On Thu, 2002-10-31 at 12:13, Vincent Danen wrote: > > On Thursday, October 31, 2002, at 12:52 PM, Bill Beauchemin wrote: > > > Some idiot hacked my system using either the chunked-encoding bug in > > Apache or the OpenSSL vulnerability to gain access. He ised a rootkit > > called tc6. The file is called tc6b.tgz this kit will send out all your > > passwords used on the system hacked. > > Can I ask why you haven't been keeping up with updates? Both of these > vulnerabilities have been corrected in updates. > > -- > MandrakeSoft Security; http://www.mandrakesecure.net/ > "lynx - source http://linsec.ca/vdanen.asc | gpg --import" > {FE6F2AFD: 88D8 0D23 8D4B 3407 5BD7 66F9 2043 D0E5 FE6F 2AFD} >
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
