Results 1 to 5 of 5

Thread: OpenSSH package on openbsd.org trojaned

Thread Tools
- Show Printable Version
Display
- Switch to Linear Mode
- Switch to Hybrid Mode
- Threaded Mode

Threaded View

August 1st, 2002, 11:17 AM #1
Guus

View Profile

View Forum Posts

Visit Homepage
Hi mom!

Join Date

Aug 2001

Posts

1,103
OpenSSH package on openbsd.org trojaned

Edwin Groothuis reports in this FreeBSD Security Mailinglist post that the OpenSSH package on ftp.openbsd.org, and possibly all mirrors, is trojaned. Makefile.in has been modified, an generates a shell-script that tries to connect to 203.62.158.32:6667 (web.snsonline.net).

This is the md5 checksum of the openssh-3.4p1.tar.gz in the FreeBSD ports system:
MD5 (openssh-3.4p1.tar.gz) = 459c1d0262e939d6432f193c7a4ba8a8

This is the md5 checksum of the trojaned openssh-3.4p1.tar.gz:
MD5 (openssh-3.4p1.tar.gz) = 3ac9bc346d736b4a51d676faa2a08a57

I wish to express my gratitude to the people of Italy. Thank you for inventing pizza.
Reply With Quote

Quick Navigation *nix Security Discussions Top

« Previous Thread | Next Thread »

Posting Permissions

You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
[VIDEO] code is On
HTML code is Off

Forum Rules

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

Thread: OpenSSH package on openbsd.org trojaned

Thread Tools

Display

Threaded View

OpenSSH package on openbsd.org trojaned

Posting Permissions