Red Hat Bugzilla – Bug 58454
Bad: security hole in version 2.6.1-16
Last modified: 2007-03-26 23:50:54 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.2.1) Gecko/20010901
Description of problem:
My server (www.sjsocial.org) was hacked by someone who I am pretty sure entred
via wu-ftpd. I don't know how. I had the recommended version installed.
Version-Release number of selected component (if applicable):
I can't really offer much more information. When I discovered the hack I had to
reinsure the machine's integrity since the hacker changed basic binaries like
'ls' and created many entried in '/dev' so I have reformatted the disc in order
not to be off the air too long.
The source machine for the hack was in Germany, its ip started with:
Please update to 2.6.1-20.
Unfortunately, the update provided on the errata pages, to close security holes
is version 2.6.1-16 implying that it is secure when obviously it isn't. The
errata pages should be updated to version 2.6.1-20, shouldn't they?