On Thu, Feb 21, 2013 at 6:03 PM, Johnny Hughes <johnny@xxxxxxxxxx> wrote: > > This issue is not CentOS specific ... here is another discussion: > > http://www.webhostingtalk.com/showthread.php?t=1235797 > > The issue seems to be that someone with local access elevates their > privileges in some manner, and after they upgrade their privileges they > are then putting a new libkeyutils*.so file on the machine. But don't forget that what the kernel people call 'local' access really means any bug in any network application that lets you execute an arbitrary command even if it is non-root - and those have historically been pretty common. -- Les Mikesell lesmikesell@xxxxxxxxx _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
Re: SSHD rootkit in the wild/compromise for CentOS 5/6?
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- To: CentOS mailing list <centos@xxxxxxxxxx>
- Subject: Re: SSHD rootkit in the wild/compromise for CentOS 5/6?
- From: Les Mikesell <lesmikesell@xxxxxxxxx>
- Date: Fri, 22 Feb 2013 13:50:15 -0600
- Delivered-to: centos@xxxxxxxxxx
- In-reply-to: <5126B5B5.70700@centos.org>
- Follow-Ups:
- Re: SSHD rootkit in the wild/compromise for CentOS 5/6?
- From: Johnny Hughes
- Re: SSHD rootkit in the wild/compromise for CentOS 5/6?
- From: Eero Volotinen
- Re: SSHD rootkit in the wild/compromise for CentOS 5/6?
- References:
- SSHD rootkit in the wild/compromise for CentOS 5/6?
- From: Gilbert Sebenste
- Re: SSHD rootkit in the wild/compromise for CentOS 5/6?
- From: Johnny Hughes
- SSHD rootkit in the wild/compromise for CentOS 5/6?
- Prev by Date: Re: Warning: Your BIOS is broken
- Next by Date: Re: SSHD rootkit in the wild/compromise for CentOS 5/6?
- Previous by thread: Re: SSHD rootkit in the wild/compromise for CentOS 5/6?
- Next by thread: Re: SSHD rootkit in the wild/compromise for CentOS 5/6?
- Index(es):
 |