OpenBSD: OpenSSH Trojan Incident Severity And Network Threats
Aug 01, 2002
•
Anthony Pell
1 min read
Topics Covered
OpenSSH was trojaned yesterday. There is not little authoritative information on the situation. What is known is that the original file was exchanged with a trojaned file and was discovered because it had a different MD5 checksum. . . OpenSSH was trojaned yesterday. There is not little authoritative information on the situation. What is known is that the original file was exchanged with a trojaned file and was discovered because it had a different MD5 checksum.
The difference in the files says that it is not really a trojan because all it does is make a connection to 203.62.158.32 on port 6667. The difference is in the file:
openssh-3.4p1/openbsd-compat/Makefile.in
The tarball of OpenSSH on ftp.openbsd.org is trojaned. The backdoor is only used during the build. The binary affected is bf-test.c.
The Email message is available freebsd security.
The Advisory is available here.
The link for this article located at OpenSSH is no longer available.
PREVIOUS
NEXT
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!