The copy I retrieved from openbsd.org was not infected. Was there site hacked since the original release of 3.4p1? Can anyone explain why the code was tampered with? -----Original Message----- From: Fabrizio Siciliano [mailto:fsicilianoat_private] Sent: Thursday, August 01, 2002 2:22 PM To: Steve Wright; vuln-devat_private Cc: bugtraqat_private Subject: RE: ssh trojaned The copy over at http:// packetstorm.linuxsecurity.com is not infected. ./fab > -----Original Message----- > From: Steve Wright [mailto:stevewat_private] > Sent: Thursday, August 01, 2002 6:49 AM > To: vuln-devat_private > Subject: ssh trojaned > > > > Hello, > > I'm no programmer so I'm hoping someone can confirm this for > me.. I am correct in thinking the trojan currently in OpenSSH > portable 3.4p1 only > runs during compilation ? > > ie a copy of ssh compiled using this source will not have > anything nasty > build into it ? > > Thanks, > Steve. >
This archive was generated by hypermail 2b30 : Fri Aug 02 2002 - 12:20:15 PDT