RE: ssh trojaned

From: Rory Savage (rsavageat_private)
Date: Fri Aug 02 2002 - 08:24:49 PDT

Next message: Ash: "Re: It takes two to tango"

Previous message: Dan Cuthbert: "Re: ssh trojaned"
In reply to: Fabrizio Siciliano: "RE: ssh trojaned"
Next in thread: Grudge Mason: "Re: ssh trojaned"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

The copy I retrieved from openbsd.org was not infected.  Was there site
hacked since
the original release of 3.4p1?  Can anyone explain why the code was tampered
with?

-----Original Message-----
From: Fabrizio Siciliano [mailto:fsicilianoat_private]
Sent: Thursday, August 01, 2002 2:22 PM
To: Steve Wright; vuln-devat_private
Cc: bugtraqat_private
Subject: RE: ssh trojaned


The copy over at http:// packetstorm.linuxsecurity.com is not infected.

./fab

> -----Original Message-----
> From: Steve Wright [mailto:stevewat_private]
> Sent: Thursday, August 01, 2002 6:49 AM
> To: vuln-devat_private
> Subject: ssh trojaned
>
>
>
> Hello,
>
> I'm no programmer so I'm hoping someone can confirm this for
> me.. I am correct in thinking the trojan currently in OpenSSH
> portable 3.4p1 only
> runs during compilation ?
>
> ie a copy of ssh compiled using this source will not have
> anything nasty
> build into it ?
>
> Thanks,
> Steve.
>

Next message: Ash: "Re: It takes two to tango"
Previous message: Dan Cuthbert: "Re: ssh trojaned"
In reply to: Fabrizio Siciliano: "RE: ssh trojaned"
Next in thread: Grudge Mason: "Re: ssh trojaned"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Aug 02 2002 - 12:20:29 PDT