[TriLUG] Fwd: OpenSSH Security Advisory: Trojaned Distribution Files
Brian Daniels
bitmage at bellsouth.net
Thu Aug 1 12:11:13 EDT 2002
> > 1. Systems affected:
> >
> > OpenSSH version 3.2.2p1, 3.4p1 and 3.4 have been trojaned on the
> > OpenBSD ftp server and potentially propagated via the normal mirroring
> > process to other ftp servers. The code was inserted some time between
> > the 30th and 31th of July. We replaced the trojaned files with their
> > originals at 7AM MDT, August 1st.
> >
...
> >
> > When building the OpenSSH binaries, the trojan resides in bf-test.c
Things that make your blood run cold in the morning. I downloaded 3.4p1
yesterday at 5:43pm from ftp.openbsd.org to install on our webserver.
Oddly enough, it's not the trojaned version. No bf-test.c. And I got
stuck on the ./configure step and had to go deal with another problem so I
never got to make.
I think this is the first time I've ever been glad that ./configure failed.
:-)
The _really_ scary question is how they got into openbsd.org, and what else
did they mess with?
Brrr.
--Brian
--
Question with boldness even the existence of a god;
because if there be one he must approve of the
homage of reason more than that of blindfolded fear.
--Thomas Jefferson, Aug. 10, 1787
Brian Daniels bitmage at bellsouth.net
http://www.eviloverlord.net
More information about the TriLUG
mailing list