-----BEGIN PGP SIGNED MESSAGE-----
On Thu, 29 Jul 1999, Gustavo Rios wrote:
> Does any body here knows something about rootshell attack?
> According some people at bos-br, they were hacked through qmail, which has
> some bug! (Nothing sure).
A recent attack? Or the one that took them down months ago? The
"official" word of the last attack was that it was a sniffed (root?)
password and/or some ssh+kerberos issue.
Of course, it's easy to use qmail to run commands if you have ftp access
and write permissions to the .qmail* files. Of course, this isn't
considered a bug.
Scott
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBN6CEUR4PLs9vCOqdAQHTWAP/TcuTQys/bZnvAxEVCXEnM8RQSBCkA2So
pafozclj70GXUvOkiIc/YOZjbNtMRdk4slWAprR4Srfr64rhi9l9uQjALp4Hd5Ix
MklXXXluhkcNsFEy2gCBAufhPDnT6b9Fp/8Jku0ABHQFqNDZtf1TSwUiuboctQEx
tVxEdpncP5M=
=UUql
-----END PGP SIGNATURE-----
