Mailinglist Archive: opensuse-security (228 mails)

< Previous Next >
Re: [suse-security] Einbruchsversuch gelungen?
  • From: Christian Boltz <suse-security@xxxxxxxxx>
  • Date: Wed, 2 Mar 2005 12:59:18 +0100
  • Message-id: <200503021259.18922@xxxxxxxxxxxxxxx>
Hello,

Am Mittwoch, 2. März 2005 11:32 schrieb Reiner Pietrzak:
> Mar 2 04:15:00 pxxxxxxxx /USR/SBIN/CRON[18880]: (root) CMD
> (/root/confixx/confixx_counterscript.pl)
[...]
> Muss ich das als gelungenen Einbruchsversuch werten?

No, just a cronjob.

But: I hope you've installed the Confixx bugfixes. Without them, users
can do a "full backup" (including /etc/shadow!) of your system by
replacing ~/html or ~/files with a symlink to / and requesting a backup
via Confixx. (Backups are done as root!)
And they can overwrite files by hardlinking them and doing a restore.

This Bug affects Confixx version 2 and 3.

If you didn't install the Confixx updates at least remove the backup and
restore functionality from the webinterface.


Regards,

Christian Boltz
--
"Wouldn't the sentence 'I want to put a hyphen between the words Fish
and And and And and Chips in my Fish-And-Chips sign' have been clearer
if quotation marks had been placed before Fish, and between Fish and
and, and and and And, and And and and, and and and And, and And and
and, and and and Chips, as well as after Chips?" -- BSD fortune file


< Previous Next >
References