Bug 684981

Summary: Rootkit hack
Product: [Fedora] Fedora Reporter: Jazbo <wellspring3>
Component: kernelAssignee: Kernel Maintainer List <kernel-maint>
Status: CLOSED NOTABUG QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: high Docs Contact:
Priority: unspecified    
Version: 13CC: dcantrell, gansalmon, itamar, jonathan, kernel-maint, madhu.chinakonda
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2011-03-25 02:49:08 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Attachments:
Description Flags
the file that was downloaded none

Description Jazbo 2011-03-14 22:18:06 UTC 
Description of problem:
My mothers computer was hacked with a program that seems to be
milw0rm. The hacker left the source file in C on her computer. I have
it and the IP address of the FTP server that he seemed to download it
from. I attached the file.


Version-Release number of selected component (if applicable):
2.6.34.8-68.fc13.i686.PAE


If you have any questions let me know
Comment 1 Jazbo 2011-03-14 22:19:41 UTC 
Created attachment 484321 [details]
the file that was downloaded
Comment 2 Dave Jones 2011-03-15 17:57:06 UTC 
This is CVE-2008-0009/CVE-2008-0010 which was fixed a long time ago.

This exploit wasn't the program used to gain entry to the machine.
On an affected machine, this exploit would have given a user account root privileges. It is not responsible for how the attacker got access to a user account in the first place.

if everything was up to date, this exploit should have failed to give the attacker root.
Comment 3 Chuck Ebbert 2011-03-25 02:49:08 UTC 
The security bug that this program exploits was fixed in Linux 2.6.25-rc1 and 2.6.24.2, so there is no way it was used to gain root privileges on that machine.