Unpatched Ubuntu community servers hacked
A number of Ubuntu community “LoCo” web servers were shutdown this week after discovering that they had been compromised and were being used to launch attacks on other systems.
An email and news letter to community members detailed how the systems were running numerous web applications and had not been patched for some time, meaning that any one of several security vulnerabilities (that had already been fixed) had allowed a hacker to gain root level access to the servers.
This compromise is another reminder of the importance of only installing the minimum amount of software required and ensuring that the system is patched as frequently as possible.
Reported by SecurityFocus and Zero Day Blog.
Posted by Jon 
18.Aug.07 
News, Security, Server, Ubuntu 
Read more 
Comments (0)
Fox News Website Unsecured
PC World magazine reports that a Fox news website, apparently running Apache on Ubuntu Server, was left unsecured by a miss-configuration in directory permissions. The flaw was discovered by the The Hacker Webzine, and was found to expose directories and a Linux script complete with user name and password to connect to an ftp service run by ZiffDavis. It’s an important reminder to ensure that your system is configured correctly.
Posted by Jon 23.Jul.07 Security, Server, Ubuntu Read more Comments (0)
