Anno domini 2010 Izak Burger scripsit: Hi!
Nice reports :) > But there is one bit that gets me. It does this: > mkdir -p /usr/include/mysql > echo dropbear >> /usr/include/mysql/mysql.hh1 > It never does anything with that file, and that file does not exist on > a real system, so its almost like its leaving behind its business > card? Might that be a "all your passwords belong to us" file? I've had one cracked ssh(d) once, which wrote all passwords from clent and server connections to /usr/include/ssh.h IIRC. Maybe this on is something similar? Ciao Max -- Gib Dein Bestes. Dann übertriff Dich selbst! -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20101222124549.ga25...@outback.rfc2324.org
