Re: [Nolug] BLASTER...

From: Alex McKenzie <alex_at_boxchain.com>
Date: Wed, 13 Aug 2003 21:33:05 -0500
Message-ID: <3F3AF4E1.2050603@boxchain.com>

Ron Johnson wrote:
> I'm fully aware that "superior" doesn't mean "perfect".
>
> Besides, why not use scp instead? Only "distribution sites"
> need internet-routeable ftp...
>

Eh, this is a distribution site that got compromised. NOT just the ftp
server code. Here, I'll do some pasting:
        
CERT® Advisory CA-2003-21 GNU Project FTP Server Compromise
Original issue date: August 13, 2003
Last revised: --
Source: CERT/CC

A complete revision history is at the end of this file.

Overview

The CERT/CC has received a report that the system housing the primary
FTP servers for the GNU software project was compromised.

I. Description

The GNU Project, principally sponsored by the Free Software Foundation
(FSF), produces a variety of freely available software. The CERT/CC has
learned that the system housing the primary FTP servers for the GNU
software project, gnuftp.gnu.org, was root compromised by an intruder.
The more common host names of ftp.gnu.org and alpha.gnu.org are aliases
for the same compromised system. The compromise is reported to have
occurred in March of 2003.

The FSF has released an announcement describing the incident.

Because this system serves as a centralized archive of popular software,
the insertion of malicious code into the distributed software is a
serious threat. As the above announcement indicates, however, no source
code distributions are believed to have been maliciously modified at
this time.

-- 
Alex McKenzie     alex@boxchain.com     http://www.boxchain.com
___________________
Nolug mailing list
nolug@nolug.org
Received on 08/13/03
