[rofug] Re: [Fwd: [rlug] Sendmail 8.12.6 contine un troian]

Alex Popa Wed, 09 Oct 2002 02:23:03 -0700

In general, merge-ul in sursele freebsd se face cu supraveghere, si in
plus era un trojan in sursa distribuita (.tgz or something), iar la noi
s-a importat (cel putin Makefile-ul) pe 23 august, iar infectia pare a
fi avut loc pe undeva pe la 28 septembrie.

In plus, fisierele de distributie sunt in general semnate cu PGP, si
sper ca developerii de freebsd sa le verifice inainte de a le rula.

One more thing: este un trojan care apare in timpul procesului de build
la sendmail... care la noi apare in timpul buildworld (sau make world),
si este in general urmat de un reboot.  Trojanul nu pare sa reziste la
reboot.

Alex

On Wed, Oct 09, 2002 at 12:02:17PM +0300, Alexandru Balan wrote:
> 
> ultimu cvsup la src-all l-am facut pe 1 Oct.si mi-a daruit un sendmail
> 8.12.6. 
> Should i worry ?
> 
> 
> -----Forwarded Message-----
> 
> From: Flower <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Subject: [rlug] Sendmail 8.12.6 contine un troian
> Date: 09 Oct 2002 04:53:10 +0300
> 
> http://www.cert.org/advisories/CA-2002-28.html
> 
> CERT? Advisory CA-2002-28 Trojan Horse Sendmail Distribution
> Original release date: October 08, 2002
> Last revised: --
> Source: CERT/CC
> 
> A complete revision history is at the end of this file.
> Overview
> 
> The CERT/CC has received confirmation that some copies of the source
> code for the Sendmail package were modified by an intruder to contain a
> Trojan horse.
> 
> Sites that employ, redistribute, or mirror the Sendmail package should
> immediately verify the integrity of their distribution.
> ---
> 
> Cei interesati cititi la link-ul de mai sus detalii mai multe.
> 
> 
> Flower
> 
> 
> 
> ---
> Pentru dezabonare, trimiteti mail la 
> [EMAIL PROTECTED] cu subiectul 'unsubscribe rlug'.
> REGULI, arhive si alte informatii: http://www.lug.ro/mlist/
> 
> -- 
> Jay
> 
> 
> __________________________________________________________
> Send 'unsubscribe rofug' to [EMAIL PROTECTED] to unsubscribe
> 
------------+-------------------------------------------------------
Alex Popa,  |  "Computer science is no more about computers than
[EMAIL PROTECTED]|     astronomy is about telescopes" -- E. W. Dijkstra
------------+------------------------------------------------------
__________________________________________________________
Send 'unsubscribe rofug' to [EMAIL PROTECTED] to unsubscribe
[rofug] Re: [Fwd: [rlug] Sendmail 8.12.6 contine un troian]

Raspunde prin e-mail lui
