Linux Today: Linux News On Internet Time.

More on LinuxToday

ZDNet UK: Debian Attacker May Have Used New Exploit

Dec 01, 2003, 10:00 (1 Talkback[s])
(Other stories by Matthew Broersma)

"An as-yet-unknown security exploit in Linux may have been responsible for a recent compromise of Debian.org's servers, according to a system administrator with the Debian operating system project.

"Initial investigations of the security breach, which occurred on 19 November, indicate that the attacker was able to gain full control of Debian servers after logging on via unprivileged accounts, known as privilege escalation, according to James Troup, part of the team handling Debian's distribution.

"'I believe that there was an as-yet-unknown local root exploit used to go from having local unprivileged access to having root,' Troup wrote in an email to a Debian mailing list on Friday. 'There is [I believe] an unknown local root exploit in the wild...'"

Complete Story

Related Stories: