I've heard from other mailing list that the systems was hit by the ptrace buffer overflow, and knowing the ptrace bug, which can _only_ be exploited locally. And the system was compromised last march 2003.
Parang inside job heh. On Thu, 14 Aug 2003 16:40:52 +0800 Rafael 'Dido' Sevilla <[EMAIL PROTECTED]> wrote: > Apparently, from what I see, what happened here is very scary. The > FSF admins running the site were responsible enough to patch their > systems regularly and often whenever a vulnerability and fix were > announced, but they wound up getting struck by a vulnerability that > didn't have a working fix until a week after they got rooted. In the > brief space of time between the exploit post and the patch. > > This incident should serve as ammunition for the full-disclosure / > partial-disclosure / security by obscurity debates. > > -- > Philippine Linux Users' Group (PLUG) Mailing List > [EMAIL PROTECTED] (#PLUG @ irc.free.net.ph) > Official Website: http://plug.linux.org.ph > Searchable Archives: http://marc.free.net.ph > . > To leave, go to http://lists.q-linux.com/mailman/listinfo/plug > . > Are you a Linux newbie? To join the newbie list, go to > http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie -- Jimmy Lim Operation & Support Team Leader Tricom -- Philippine Linux Users' Group (PLUG) Mailing List [EMAIL PROTECTED] (#PLUG @ irc.free.net.ph) Official Website: http://plug.linux.org.ph Searchable Archives: http://marc.free.net.ph . To leave, go to http://lists.q-linux.com/mailman/listinfo/plug . Are you a Linux newbie? To join the newbie list, go to http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie
