From ftp.bitchx.org (msg in /pub):
* * * * * * A T T E N T I O N * * * * * *
Over the weekend of April 12th and 13th someone once again was releasing
back doored code for BitchX on a false ftp site that was linked from the
official BitchX Website. We stress to everyone to please take notice of
information that we post on http://faq.bitchx.org to help prevent these
problems from causing you to download falsified source code for BitchX.
--
So it's entirely possible the source you downloaded was backdoored; It
would have been nicer had you included the site you downloaded from.
According to bitchx.org it looks like it was only one off-site FTP.
As it was an 'official' FTP (the assumption we're making), whether
they're to blame or not is left for someone else to decide.
.Neeko Oni
(Hey Bugtraq mod, wake up.)
>
> --UlVJffcvxoiEqYs2
> Content-Type: text/plain; charset=iso-8859-2
> Content-Disposition: inline
> Content-Transfer-Encoding: 8bit
>
> Hi,
>
> Can anyone verify that the bitchx 1.0c19 sources are backdoored.
This archive was generated by hypermail 2b30 : Mon Apr 14 2003 - 15:44:08 PDT