Stories
Slash Boxes
Comments
NOTE: use Perl; is on undef hiatus. You can read content, but you can't post it. More info will be forthcoming forthcomingly.

All the Perl that's Practical to Extract and Report

The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
 Full
 Abbreviated
 Hidden
More | Login | Reply
Loading... please wait.
  • Some quick ideas (Score:2, Informative)

    by IlyaM (2933) <ilya@martynov.org> on 2002.05.18 12:02 (#8545) Homepage Journal
    Do you run CVS pserver as root? In this case "hacker" could create CVS login entry which can give him/her root rights.

    For example:

    # access CVS as root with alternative password
    root:HACKER'S_CRYPTED_PASSWORD
    # alias some CVS login name to root UID
    hacker:HACKER'S_CRYPTED_PASSWORD:root

    Have you checked if commitinfo/loginfo/etc files are not modified. They can be used to run arbitrary code.

    You may want to check if you don't have any rootkits on your computer. Try www.chkrootkit.org [chkrootkit.org].

    --

    Ilya Martynov (http://martynov.org/ [martynov.org])

    • Here's the log entry in it's entirety:

      Date:   Saturday May 18, 2002 @ 8:10
      Author: cvs-axkit
       
      Update of /home/cvs/CVSROOT
      In directory ted:/tmp/cvs-serv32715
       
      Modified Files:
              passwd
      Log Message:
      hmm, try that again
       
      Index: passwd
      ===================================================================
      RCS file: /home/cvs/CVSROOT/passwd,v
      retrieving revision 1.1
      retrieving revision 1.2
      diff -b -u -r1.1 -r1.2
      --- passwd      2002/05/18 07:06:38