[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: OpenSSH Security Advisory: Trojaned Distribution Files

To: Martin Reindl <mreindl@catai.org>
Subject: Re: OpenSSH Security Advisory: Trojaned Distribution Files
From: marius aamodt eriksen <marius@umich.edu>
Date: Thu, 1 Aug 2002 12:27:54 -0400
Cc: misc@openbsd.org
Content-Disposition: inline
References: <Pine.LNX.4.44.0208011237180.25510-100000@eduardo.segup> <JJEJJDDOENJFFIJDOGHMAEBGCFAA.mreindl@catai.org>
User-Agent: Mutt/1.3.27i

* Martin Reindl <mreindl@catai.org> [020801 11:53]:

> Think so ...
> The server bf-test.c is refering to (203.62.158.32:6667) was running
> FreeBSD Apache 1.3.24 with the well known bug from April 11th till
> August 1st (according to netcraft.com).
> Maybe somebody knows how the trojan got on ftp.openbsd.org.
> The idiots out there already start blaming OpenSSH and OpenBSD for this.
> Btw, Response time restoring the original files seems really fast, i
> couldn't find any modified openssh-3.4p1.tar.gz today.

also, the owner of that server was quite prompt in ensuring that port
6667 was no more accessible.

marius.

-- 
> marius@umich.edu > http://www.citi.umich.edu/u/marius

Follow-Ups:
- Re: OpenSSH Security Advisory: Trojaned Distribution Files
  - From: "Brian Szymanski" <bks10@cornell.edu>

References:
- Re: OpenSSH Security Advisory: Trojaned Distribution Files
  - From: Eduardo Augusto Alvarenga <eduardo-openbsd-misc.a8164a@thrx.dyndns.org>
- Re: OpenSSH Security Advisory: Trojaned Distribution Files
  - From: "Martin Reindl" <mreindl@catai.org>

Prev by Date: Re: mail command without sendmail or gateway without MTA?
Next by Date: Re: OpenBrick
Prev by thread: Re: OpenSSH Security Advisory: Trojaned Distribution Files
Next by thread: Re: OpenSSH Security Advisory: Trojaned Distribution Files
Index(es):
- Date
- Thread