[an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] (none) [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] (none) [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive]
 
[an error occurred while processing this directive] [an error occurred while processing this directive]
Skåne Sjælland Linux User Group - http://www.sslug.dk Home   Subscribe   Mail Archive   Forum   Calendar   Search
MhonArc Date: [Date Prev] [Date Index] [Date Next]   Thread: [Date Prev] [Thread Index] [Date Next]   MhonArc
 

Re: [TEKNIK] Bagdør i Linux.



Hans-Henrik Andresen wrote:
> 
> http://www.comon.dk/i/i.asp?id=5636
> 
> Bagdør i Red Hat Linux

Punkt 1.
Det var ikke en bagdør, det var en hoveddør, den var nemlig
dokumenteret, hvis man gad læse dokumentationen til webinterfacet
til Pirahna. Hvorfor redhat så sætter et default password til
et webinterface, det må guderne vide.

Punkt 2.
Derudover var der en sikkerhedsfejl i et af de phpscripts, der
udgør webinterfacet til Pirahna, så det tillod at man kunne
køre kommandoer på maskinen med de brugerrettigheder, som apache
kører med, dvs. nobody, så skaden er nok ikke så stor de fleste
steder.

-- 
MVH / Best Regards
Allan Jacobsen, AJ17-DK
IT nyheder set gennem danske briller: http://slashit.dk


 
Home   Subscribe   Mail Archive   Index   Calendar   Search

 
 
Questions about the web-pages to <www_admin>. Last modified 2005-08-10, 21:38 CEST [an error occurred while processing this directive]
This page is maintained by [an error occurred while processing this directive]MHonArc [an error occurred while processing this directive] # [an error occurred while processing this directive] *