SaDIKuZboy" <[EMAIL PROTECTED]>
|> it could be something as a backdoor or an arbitrary service ... try |> to : cron -l it shows u a table with binary called to be run, |> report it and let's see what's there :o) Thanks for your help. Maybe you meant crontab -l? But I'm pretty certain in any case that the garbage in my syslog file does not reflect the activity of any cron-job. There's nothing remotely resembling it anywhere else in the logs. I've been through /etc/cron.daily weekly and monthly, and there is nothing in those scripts, as far as I can tell, that would produce the kind of output I have. "Kelley, Tim (CBS-New Orleans)" <[EMAIL PROTECTED]> wrote: |> looks like a buffer overflow attempt to me ... look at your |> security I'm sure it is. There is a buffer-overflow advisory against lprng. Local and remote users can send string-formatting operators to the printer daemon to corrupt the daemon's execution, potentially gaining root access. The messages in my syslog are close to identical to those reported at: http://ciac.llnl.gov/ciac/bulletins/l-025.shtml But the warnings I have seen all refer to versions prior to 3.6.26, and they all report the problem as fixed in versions since then. I have the version from debian testing which is 3.8.0 (it's the same in unstable). I've not had to deal with such an exploit before, so I would really appreciate any advice that's going. I've stopped the lprng daemon for now, until I can tighten things up. Thank you in advance, Jim -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
