Gentoo: GLSA-200312-01 Normal: Remote Exploit on Rsync Server
gentoo
December 3, 2003
On December 2nd at approximately 03:45 UTC, one of the servers that makes up the rsync.gentoo.org rotation was compromised via a remote exploit
Summary
- --------------------------------------------------------------------------- GENTOO LINUX SECURITY ANNOUNCEMENT 200312-01 - --------------------------------------------------------------------------- GLSA: 200312-01 summary: rsync.gentoo.org rotation server compromised severity: normal date: 2003-12-02 CVE: None exploit: remote
DESCRIPTION:
On December 2nd at approximately 03:45 UTC, one of the servers that makes up the rsync.gentoo.org rotation was compromised via a remote exploit. At this point, we are still performing forensic analysis. However, the compromised system had both an IDS and a file integrity checker installed and we have a very detailed forensic trail of what happened once the box was breached, so weare reasonably confident that the portage tree stored on that box wasunaffected.
The attacker appears to have installed a rootkit and modified/deleted some files to cover their tracks, but left the server otherwise untouched. The box ...Read the Full Advisory
Resolution
References
Availability
style>.gentoo_availability{display:block;}
Concerns
PREVIOUS 
NEXT
Background
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Affected Packages
Impact
Workaround
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!