Re: [HACKERS] Hacker found bug in Postgres ?
| От | Vince Vielhaber |
|---|---|
| Тема | Re: [HACKERS] Hacker found bug in Postgres ? |
| Дата | |
| Msg-id | Pine.BSF.4.05.9904271256510.13677-100000@paprika.michvhf.com обсуждение исходный текст |
| Ответ на | Hacker found bug in Postgres ? (Matthias Schmitt <freak001@mmp.lu>) |
| Ответы |
Re: [HACKERS] Hacker found bug in Postgres ?
|
| Список | pgsql-hackers |
On Tue, 27 Apr 1999, Matthias Schmitt wrote:
> Hello,
>
> this night we discovered here a strange behaviour on our servers. Somebody
> managed to get access to the UNIX shell using the 'postgres' db
> administrator account. He logged in some machines with a single try ! The
> password was not part of any dictionary. He tried some other accounts,
> without success. Under the user postgres he installed an 'eggdrop' program
> on the machine, implementing an IRC server.
>
> If you want to look on your servers, look for an ".elm/..." directory in
> the postgres home directory. You may discover too some processes named
> "./..." or "../ -m" running under the postgres user.
>
> Is there any chanche, that the postgres database contains a bug giving
> shell access ? Is there any chance to trace what happens on the postgres
> port ?
Is it possible the intruder guessed the password on the postgres
administrator's account? Or perhaps a script run via mail?
Vince.
--
==========================================================================
Vince Vielhaber -- KA8CSH email: vev@michvhf.com flame-mail: /dev/null # include <std/disclaimers.h>
TEAM-OS2 Online Campground Directory http://www.camping-usa.com Online Giftshop Superstore
http://www.cloudninegifts.com
==========================================================================
В списке pgsql-hackers по дате отправления: