Mailinglist Archive: opensuse-security (409 mails)

< Previous Next >
RE: [suse-security] openssh trojan (alert)
  • From: Barry Gill <barry@xxxxxxxxxxx>
  • Date: Thu, 1 Aug 2002 11:04:28 +0200
  • Message-id: <4C4355E1C401D6118473009027E0199B672EB5@xxxxxxxxxxxxxxxxxxxxxx>
The version available on freebsd.org is not trojaned.
the md5 checksum shows the tarball that FreeBSD is distributing is the correct 1, and OpenBSD's
is different.

>to be a little more concrete: about 10 minutes ago I downloaded the tarball of openssh-3.4p1 which is actually available on >ftp.openbsd.org.
>I untared it, cd'd to openbsd-compat and did a gcc bf-test.c -o bf-test. After this I did sh bftest > bftest.sh and finally >got a shell script which
>contains the same as reported on the link below. So there is definitively a connection attempt to this server - but actually >I do not know
>waht it is good for. Could there be some legal reaseon for this?!?

< Previous Next >
This Thread
  • No further messages