Welcome to our website
To take full advantage of all features you need to login or register. Registration is completely free and takes only a few seconds.
Vsftpd FTP Server Download Site Compromised
Posted by Philipp Esselbach on: 07/05/2011 04:25 PM [ Print | 0 comment(s) ]
Threatpost reports that someone was able to compromise a version of the vsftpd secure FTP server recently
The creator of vsftpd, security researcher Chris Evans, said in a blog post on Sunday that someone alerted him to the compromise and he subsequently found that one specific version of the server had been infected somehow.
"The backdoor payload is interesting. In response to a
smiley face in the FTP username, a TCP callback shell is attempted. There is no obfuscation. More interestingly, there's no attempt to broadcast any notification of installation of the bad package. So it's unclear how victims would be identified; and also pretty much guaranteed that any major redistributor would notice the badness. Therefore, perhaps someone was just having some lulz instead of seriously trying to cause trouble," Evans wrote.
"The backdoor payload is interesting. In response to a
smiley face in the FTP username, a TCP callback shell is attempted. There is no obfuscation. More interestingly, there's no attempt to broadcast any notification of installation of the bad package. So it's unclear how victims would be identified; and also pretty much guaranteed that any major redistributor would notice the badness. Therefore, perhaps someone was just having some lulz instead of seriously trying to cause trouble," Evans wrote.Vsftpd FTP Server Download Site Compromised
