On Mon, 7 Apr 2003, Jure Pecar wrote: > I just had a weird expirience ... In a server system, running a free webmail > service, i started getting weird oopsen. Both kernel versions are vulnerable to ptrace exploit (localy) (you said you-re running a free webmail, this mean cgi/php/whatever). Both kernels may not have been patched against NIC drivers problem which is possible remotely exploatable. > Error (expand_objects): cannot stat(/lib/ext3.o) for ext3 > ksymoops: No such file or directory > Error (expand_objects): cannot stat(/lib/jbd.o) for jbd > ksymoops: No such file or directory > Error (expand_objects): cannot stat(/lib/raid1.o) for raid1 > ksymoops: No such file or directory [snip] What is this? > but to press the reset button. Then, it started appearing again > seconds after the box came up. After another reboot at around 15:46, > it stopped. There are 517 oopsen recorded in the log from 15:12:31 to > 15:39:34. > > > Any ideas? > attack. system_call is the common point in oopsen on both machines. > Any ideas how to mess with this remotely? keywords: nic padding, maybe odirect. -- Tarhon-Onu Victor Network and System Engineer RDS Iasi - Network Operations Center Phone: +40-232-218385 _______________________________________________ Redhat-devel-list mailing list Redhat-devel-list@xxxxxxxxxx https://listman.redhat.com/mailman/listinfo/redhat-devel-list