Re: ssh binary modified

2010-11-27 Thread Jan Muenther
Hello, yeah, that box has been taken over. Now, before you nuke it and reinstall from some trusted media, I'd try and give finding out what exactly happened a shot. My point is that if they got in through e.g. a flaw in a custom web app, just newly setting up the machine and resetting the password

Re: Upcoming FreeBSD Security Advisory

2009-12-01 Thread Jan Muenther
>> I'd be greatly surprised if the affected code looked different in 6.x.
>>
>
> There is No unsetenv in 6.2-RELEASE/src/libexec/rtld-elf/rtld.
> There Is unsetenv in 6.[34]-RELEASE/src/libexec/rtld-elf/rtld.
>

Yeah, I already saw that (and am surprised :) ). My comment was just based

Re: Upcoming FreeBSD Security Advisory

2009-12-01 Thread Jan Muenther
Hi,

> I am new to patching systems, so forgive "stupid" questions. We have some 6.1
> systems. Are or will there be a patch for them or are they not involved in
> this problem?
>
> I am new to patching systems, so forgive me any stupid questions. We have some
> 6.1 and 6.3 systems. Are or will ther

Re: "sh -i" My server was hacked. How can i found hole on my server?

2005-06-27 Thread Jan Muenther
Reinstall from trusted media, then restore backups of your data (data only, mind you). I'd also really advise against using something with a security history like phpBB's. FWIW, faulty PHP apps are one of the most common ways of breaking into Unix-ish boxes for the kids nowadays. Cheers, j.