Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Security Incidents mailing list archives

Re: openssh-3.4p1.tar.gz trojaned
From: Przemyslaw Frasunek <venglin () freebsd lublin pl>
Date: 05 Aug 2002 11:37:24 +0200
Edwin Groothuis <edwin () mavetju org> napisaƂ(a):


Just want to inform you that the OpenSSH package op ftp.openbsd.org
(and probably all its mirrors now) it trojaned:


Actually, it's possible, that also other machines at openbsd.org were
compromised (dns servers? cvs.openbsd.org?). Recently we had complains
about some malicious IRC activity originating from cvs.openbsd.org,
which was possibly cracked or DNS spoofed. 

03:11 EFNet:[ Whois deraadt (deraadt () cvs openbsd org)
03:11 EFNet::    Ircname : Theo de Raadt
03:11 EFNet::     Server : irc.efnet.pl [ATMAN Network, Warsaw, Poland ]
03:11 EFNet::       Idle : 0 days 0 hours 1 mins 9 secs
03:11 EFNet::     Signon : Fri Aug  2 03:09:58 2002
03:10 EFNet:- irc.efnet.pl - *** Notice -- User deraadt
                 (deraadt () cvs openbsd org) is attempting to join locally
                 juped channel #phrack

-- 
* Fido: 2:480/124 ** WWW: http://www.frasunek.com/ ** NIC-HDL: PMF9-RIPE *
* Inet: przemyslaw () frasunek com ** PGP: D48684904685DF43EA93AFA13BE170BF *

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]