aparentemente foi causado por uma falha no ssh, onde o atacante
conseguiu assinar alguns pacotes com as chave's do fedora.
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4752
http://lists.centos.org/pipermail/centos-announce/2008-August/015195.html
http://rhn.redhat.com/errata/RHSA-2008-0855.html
http://www.redhat.com/security/data/openssh-blacklist.html
On 9/12/2008 1:40 PM, Henrique Junior wrote:
Hello, guys
I'm sorry if this list
is not the right place to post this question but I can't figure a
better place.
As a Fedora ambassador
(in Brazil) I've been asked by a lot of people about the recent
invasion in our servers. The question I've been asked yesterday was
“how it happened?”
I'd like to explain
here exactly what happened to make our users more comfortable and confident.
Please excuse my bad english.
Thanks
Henrique "LonelySpooky" Junior
________________________________
"In a world without walls and fences, who needs windows and gates?!"
Novos endereços, o Yahoo! que você conhece. Crie um email novo com a sua cara @ymail.com ou @rocketmail.com.
http://br.new.mail.yahoo.com/addresses
_______________________________________________
Fedora-infrastructure-list mailing list
Fedora-infrastructure-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
_______________________________________________
Fedora-infrastructure-list mailing list
Fedora-infrastructure-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
