najpierw irssi teraz bitchx?

Witek Kręcicki adasi w grubno.da.ru
Pon, 1 Lip 2002, 20:03:40 CEST


----- Original Message -----
From: "Łukasz J. Mozer" <baseciq-news w europa.fcp.edu.pl>
> A few hours ago (1 AM US/Eastern time, July 1) we downloaded
> ircii-pana-1.0c19.tar.gz from ftp.bitchx.com (216.165.191.5) and
> reviewed the configure script before running it. It has essentially
> the same configure backdoor as fragroute-1.2.tar.gz[1] -- a TCP
> connection is made outbound, with a shell bound to it (a reverse
> telnet).  This appears to retry/respawn once per hour.  The 1.0c19
> tarball at ftp.irc.org (which mirrors bitchx.com) did not appear to be
> trojaned when we pulled from there about an hour later.
>
> http://online.securityfocus.com/archive/1/280009/2002-06-28/2002-07-04/0
>
> Za bugtraq && pl.irc
z securityfocus:
<cite>
/dist$ md5sum ircii-pana-1.0c19*
46805199254c0fa2119d7c579194aba8  ircii-pana-1.0c19-bitchxorg.tar.gz [bad]
79431ff0880e7317049045981fac8adc  ircii-pana-1.0c19-ircorg.tar.gz   [good]
</cite>
z BX sciagnietego z repo:
[adasi w ep09 SOURCES]$ md5sum ircii-pana-1.0c19.tar.gz
79431ff0880e7317049045981fac8adc  ircii-pana-1.0c19.tar.gz
Czyli raczej nie mamy sie o co martwic...
WK






Więcej informacji o liście dyskusyjnej pld-devel-pl