Linux distributor security list destroyed after hacker compromise
Hackers have compromised a private e-mail list used by Linux and BSD distributors to share information on embargoed security vulnerabilities and used a backdoor to sniff e-mail traffic, according to the moderator of the list.
In a note to "Vendor-Sec" members, moderator Marcus Meissner said he noticed the break-in on January 20 but warned that it might have existed for much longer.
"I have disabled the specific backdoor, but as I am not sure how the break-in happened it might reappear. So I recommend not mailing embargoed issues to vendor-sec@....de at this time."
Immediately after Meissner's warning e-mail, the attacker re-entered the compromised machine and destroyed the installation.
The "Vendor-Sec" list is used by distributors of free/open-source operating systems and software to discuss potential security vulnerabilities in distribution elements (kernel, libraries, applications), as well as to co-ordinate the release of security updates by members.
This means that a compromise and the capturing of e-mails could have serious consequences.
Meissner has since killed the list:
"So everyone please consider vendor-sec@....de is dead and gone at this point, successors (or not) will hopefully result out of this discussion."
The H Security notes that this isn't the first compromise of the "Vendor-Sec" list. In 2005, black hat hackers reportedly hijacked a kernel exploit for root access from the list.

Talkback
RE: Linux distributor security list destroyed after hacker compromise
I am sorry, couldn't resist it. LinuxGeek is the funniest character around here!! :D
RE: Linux distributor security list destroyed after hacker compromise
Nope, it's not just propaganda. I bet these are M$ hired crooks to defame OSS.
RE: Linux distributor security list destroyed after hacker compromise
Once hackers bother ...
So what was hacked?
C'mon shills. You can do better than that.
Why would UNIX developers be using Exchange?
LTV10 is Here - IT's SPIN TIME!!
Running home to mommy crying "they're picking on Linux! BooHoo!!"?
LOL!
Why would UNIX developers be using Exchange?
But you already knew that, ye.
~
And Will Ferret, no need to get emotional. Go take a chill pill. You're not doing stand up comedy at the moment.
lol...
RE: Linux distributor security list destroyed after hacker compromise
Your rants are nothing more than smoke and mirrors hiding holes in your beloved OS.
Windows XP SP3 Critical Rating
Vista SP1 and SP2 Critical Rating
Windows 7 Critical Rating
Dr. Sheldon Cooper, my existence is a continuum? I remain what I am at each point within the appointed time period and see no reason to deviate from a system which works.
Come back when the holes in your beloved OS are patched.
RE: Linux distributor security list destroyed after hacker compromise
Yeah that's why the NVD documents 3642 flaws for Linux
Search the NVD if you dare...
Or simply wake up from the fantasy and realize Linux is just as vulnerable as any other OS.
[i]~~~~~~~~~~
In security, we don't know what we don't know, and we're always learning something new.
~ Dan Holden, Director of HP DVLabs (research arm of TippingPoint)
But as usual, the weakest link is the nut behind the keyboard that is loose.
~ Rick_K[/i]
RE: Linux distributor security list destroyed after hacker compromise
You just searched a generic linux term to artificially generate a made up high number, instead of a single distribution. Using a single distribution such as Fedora 14 shows only 109.... Comparing all distributions, which will have the same vulnerabilities (100 plus distributions times the same hundred vulnerabilities) against a single Windows distribution, to make a false point, goes beyond a fanboy troll such as yourself.
Nice try, thanks for playing
RE: Linux distributor security list destroyed after hacker compromise
I see the truth hurts, eh? Well, why don't you provide substance to your assertions that the same Linux vulnerability will appear hundreds of times (as you imply, 1 for each distribution) from the official US Government source such as the NVD...
I dare you to prove you are not a liar!
And you are certainly not helping the cause of Linux by grasping at straws. Between your fanatical delusions or the official NVD institution whose mission is:
[b]NVD is the U.S. government repository of standards based vulnerability management data. This data enables automation of vulnerability management, security measurement, and compliance (e.g. FISMA).[/b]
Only fools would listen to trolls like you.
Rick was right...
[i]~~~~~~~~~~
But as usual, the weakest link is the nut behind the keyboard that is loose.
~ Rick_K[/i]
RE: Linux distributor security list destroyed after hacker compromise
I am laughing right now, because we all know that the government is the best source to point out network and computer vulnerabilities. Why, look at Wikileaks and the leak of sensitive data from a closed network. All due to lack of security standards. An operating system is only as secure as the practices of the people behind it. I guess there are some bridges for sale somewhere if you would like to believe the government reports on vulnerabilities. Even using this list, look up, say, Windows XP SP3. 17 vulnerabilities, with most of them being critical. Now look up Ubuntu 10.10. 2 vulnerabilities listed. There are many variations of Linux. Look up a specific build, and I bet you would be surprised.
Laughing doesn't make the root causes to the problem disappear...
One trivial example (to substantiate, just search for):
[i][b]Critical Vulnerability Silently Patched in Linux Kernel[/b]
Aug 18, 2010, 21:47 UTC
(Other stories by Lucian Constantin) from LinuxToday.com
"A highly dangerous privilege escalation vulnerability, which can allow an attacker to execute arbitrary code as root from any GUI application, has been patched in the Linux kernel.
"The flaw was discovered by Rafal Wojtczuk, principal researcher at Invisible Things Lab (ITL), a security research company based in Poland.
"According to Joanna Rutkowska, founder of ITL, the bug was discovered while Mr. Wojtczuk was working on GUI virtualization in Qubes OS, an operating system developed by the company, in which every application runs in a separate virtual machine."[/i]
Want just one more (to be fair to Linux)? Simply search for [b]Linux Critical Vulnerability[/b]
[i]~~~~~~~~~~
The truth is incontrovertible, malice may attack it, ignorance may deride it, but in the end; there it is.
~ Winston Churchill
He who laughs, lasts!
~ Mary Pettibone Poole[/i]
Well here's the exploits list
https://help.ubuntu.com/community/Linuxvirus
C'mon, windoze fanbuis. Most are so old and irrelevant as to be counted. They can be counted on two hands.
Now do you all really want the bandwidth taken up here with windoze swiss cheese?
Same goes true for your beloved OS choyongpil
But then people like you can't take as good as you give from what I have been finding out.
"BooHoo, everybody's picking poor little Linux apart - meanies!" LOL!
LTV10 you should change your name to "Whirlpool"
because you act like a washing machine - ALWAYS on SPIN CYCLE!!!