Important - Hackcheck problems - GLIB and FINDUTILS and NET-TOOLS

[stftk14]

Hello,

I have ran into several problems today.

Let me describe my situation:
- Last night I upgraded my cpanel to the EDGE version that screwed everything up, cpanel wouldnt start, etc.
- Last night after it got messed up, I downgraded to the Stable 3 version and all was fine.
- This morning I upgrade to E74 because the changelog shows the problems are fixed.

Now cpanel is working alright. But EVERY TIME I run Update Cpanel or /scripts/hackcheck, i get one of these emails:

"IMPORTANT: Do not ignore this email.
This message is to inform you that the rpm package findutils did not match the expected checksum. This could mean that your system was compromised (OwN3D). The offending files have been removed and replaced with the OS default. To be safe you should verify that your system has not be compromised.

Modified Files:
Unsatisfied dependencies for findutils-4.1.7-9: libc.so.6, libc.so.6(GLIBC_2.0), libc.so.6(GLIBC_2.1), libc.so.6(GLIBC_2.2), libc.so.6(GLIBC_2.2.3), libc.so.6(GLIBC_2.3)"


I went into my server and checked /lib, and of course, libc.so.6 IS there.

So it looks like for some reason, RPM cannot find the correct location of libc.so.6 file .

My questions:
- Was I hacked or was this just a issue with the update problems last night?
- How can I fix this problem with it not finding libc.so.6 ?


Thank you, I appreciate any help given.

 

[reddrake]

I can not duplicate (As we spoke already) Anyone else have the same problems?
Run
/scripts/hackcheck
mine checks out fine

Regards,
Brian

 

[stftk14]

anyone have ideas?

 

[WebHostPro]

Yep I got it a couple days back but the server is clean.

I wouldn't worry about it as much, it used to be accurate but now it may be a glitch. I think these are more like flags to check out.

They have told about hacked servers in the past and where correct.

 

[BuffaloWeb]

Same issue here:

IMPORTANT: Do not ignore this email.
This message is to inform you that the rpm
package findutils did not match the expected checksum. This could mean that
your system was compromised (OwN3D). The offending files have been removed
and replaced with the OS default. To be safe you should verify that your
system has not be compromised.

Modified Files:
Unsatisfied dependencies for findutils-4.1.7-9: libc.so.6(GLIBC_2.2.3)

 

[ripbud]

Just got this message... freaking out...slightly

I really don't know what I should check out...
Am I hacked or is this as this older thread indicates a "glicth" What exactly am I looking for to see if i'm hacked?

Thanks...

Messages:

IMPORTANT: Do not ignore this email.
This message is to inform you that the rpm
package net-tools did not match the expected checksum. This could mean that
your system was compromised (OwN3D). The offending files have been removed
and replaced with the OS default. To be safe you should verify that your
system has not be compromised.

Modified Files:
S.5..UG. /bin/netstat
S.5..UG. /sbin/ifconfig

and

IMPORTANT: Do not ignore this email.
This message is to inform you that the rpm
package findutils did not match the expected checksum. This could mean that
your system was compromised (OwN3D). The offending files have been removed
and replaced with the OS default. To be safe you should verify that your
system has not be compromised.

Modified Files:
S.5..UG. /usr/bin/find