/dev/mem exploit on Ubuntu

Kristian Hermansen kristian.hermansen at gmail.com
Wed Aug 1 12:44:55 UTC 2007

Just thought someone (Kees) might want to check this one out :-)

From: "James E. Jones" <ceriofag at yahoo.com>
To: incidents at securityfocus.com
Date: Wed, 11 Jul 2007 09:07:09 -0700 (PDT)
Subject: 0day linux 2.6 /dev/mem rootkit found
I found one interesting tool on my server, with the
name 'Boxer 0.99 BETA3'. It's protected by ELFuck
linux executables obfuscator. Google doesn't know
anything about it.
Now, it is available at http://surfall.net/rel.tar.gz
(ELFuck password: 'notdead')
Anybody seen it before?
Kristian Hermansen

More information about the ubuntu-server mailing list