Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Vulnerability Development: Re: ssh trojaned

Re: ssh trojaned

From: Alex Lambert <alambert_at_webmaster.com>
Date: Tue, 6 Aug 2002 11:38:53 -0500

> >> iirc, the trojaned version of epic was served to specific ip ranges
>
> > I assume you mean BitchX, epic has never been trojaned.
>
> It was IRSSI that has been trojaned, not BitchX.

It was both.

http://www.irssi.org/?page=backdoor

"There is something very strange going on with the
   FTP server on ftp.bitchx.org. In some cases, it serves up the trojaned
   version; in others, the original, safe version.
   This indicates that someone has (at least) also tampered with the FTP
   server software itself; most likely the server has been rooted. We
   have reported this issue to BitchX developers, and they are
   investigating. In the meantime, we suggest everyone should treat
   anything downloaded from the ftp.bitchx.org server with extreme
   skepticism."

Hope this clears things up ;)

apl
Received on Aug 06 2002

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos