OpenSSH 3.4p1 trojaned -- RH/Debian OK?

IWETHEY v. 0.3.0 | TODO

1,095 registered users | 0 active users | 0 LpH | Statistics
Login | Create New User

Welcome to IWETHEY!

Post #47,751

by kmself

8/1/02 2:40:41 PM

OpenSSH 3.4p1 trojaned -- RH/Debian OK?

[link|http://docs.freebsd.org/cgi/getmsg.cgi?fetch=394609+0+current/freebsd-security|].

What's not provided here is information on what the MD5sums of the binaries are.

This is the md5 checksum of the openssh-3.4p1.tar.gz in the FreeBSD ports system: MD5 (openssh-3.4p1.tar.gz) = 459c1d0262e939d6432f193c7a4ba8a8 This is the md5 checksum of the trojaned openssh-3.4p1.tar.gz: MD5 (openssh-3.4p1.tar.gz) = 3ac9bc346d736b4a51d676faa2a08a57 Edwin

Nothing at Red Hat or Debian's pages. Latest releases of both (7.3 and Woody or testing/unstable respectively) are running 3.4p1-something, and I suspect it's the 'something' that's important.

-- Karsten M. Self [link|mailto:kmself@ix.netcom.com|kmself@ix.netcom.com] [link|http://kmself.home.netcom.com/|[link|http://kmself.home.netcom.com/|http://kmself.home.netcom.com/]] What part of "gestalt" don't you understand? [link|http://twiki.iwethey.org/twiki/bin/view/Main/|TWikIWETHEY] -- an experiment in collective intelligence. Stupidity. Whatever. Keep software free. Oppose the CBDTPA. Kill S.2048 dead. [link|http://www.eff.org/alerts/20020322_eff_cbdtpa_alert.html|[link|http://www.eff.org/alerts/20020322_eff_cbdtpa_alert.html|http://www.eff.org/...a_alert.html]]

Post #47,753

by a6l6e6x

8/1/02 3:14:18 PM

RH 7.3 has openssh-3.1p1-6

updated 2002/6/28 on my machine.

I run 'up2date' every few days.

Alex

"Television: chewing gum for the eyes." -- Frank Lloyd Wright

OpenSSH 3.4p1 trojaned -- RH/Debian OK? - (kmself) - (1) - Aug. 1, 2002, 02:40:41 PM EDT

RH 7.3 has openssh-3.1p1-6 - (a6l6e6x) - Aug. 1, 2002, 03:14:18 PM EDT

iwethey.org

Be careful. Zucchini can be dangerous if only wounded.
30 ms