Mailinglist Archive: opensuse-security (409 mails)

Re: [suse-security] openssh trojan (alert)
  • From: ic_admin <admin@xxxxxxxxxxxx>
  • Date: Thu, 01 Aug 2002 10:54:02 +0200
  • Message-id: <3D48F72A.80904@xxxxxxxxxxxx>
Hi List,

take a look at "http://docs.freebsd.org/cgi/getmsg.cgi?fetch=394609+0+current/freebsd-security"; there you find this part:


-- start --
This is the md5 checksum of the openssh-3.4p1.tar.gz in the FreeBSD
ports system:
MD5 (openssh-3.4p1.tar.gz) = 459c1d0262e939d6432f193c7a4ba8a8

This is the md5 checksum of the trojaned openssh-3.4p1.tar.gz:
MD5 (openssh-3.4p1.tar.gz) = 3ac9bc346d736b4a51d676faa2a08a57
-- stop --


If you do not check this ...


Regards

Ruediger




Olaf Kirch wrote:
> On Thu, Aug 01, 2002 at 04:21:21AM -0400, Len Rose wrote:
>
>> Not implying that SuSE has this problem (it doesn't) but
>> you may wish to read this:
>>
>> http://lists.netsys.com/pipermail/full-disclosure/2002-August/000734.html
>
> Two things to note here.
>
> 1. The openssh RPMs released by SuSE do not seem to have this
>    problem; any trojaning of the tarball must have happened
>    afterwards, if at all.
> 2. The problem will affect only people recompiling openssh from
>    source, not users installing binary RPMs.
>
> Disclaimer: I haven't checked the ftp archive at openbsd.org; all I've read
> so far is the web page mentioned above. By all I know this might also be
> a hoax.
>
> Olaf
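
The check the post asks for, as an added example that is not part of the original message or of any project's tooling: it parses the BSD `MD5 (file) = digest` lines quoted above and classifies a local tarball against them. The function names and the three result labels are assumptions made for illustration; MD5 is used only because those are the digests the post quotes.

```python
import hashlib
import re

# The two lines quoted in the post, in BSD md5(1) output format.
KNOWN_GOOD = "MD5 (openssh-3.4p1.tar.gz) = 459c1d0262e939d6432f193c7a4ba8a8"
KNOWN_TROJANED = "MD5 (openssh-3.4p1.tar.gz) = 3ac9bc346d736b4a51d676faa2a08a57"

_BSD_LINE = re.compile(r"^MD5 \((?P<name>.+)\) = (?P<digest>[0-9a-fA-F]{32})$")


def parse_bsd_md5(line):
    """Return (filename, lowercase hex digest) from a 'MD5 (file) = hex' line."""
    match = _BSD_LINE.match(line.strip())
    if match is None:
        raise ValueError(f"not a BSD-style MD5 line: {line!r}")
    return match.group("name"), match.group("digest").lower()


def md5_of(path, chunk_size=1 << 16):
    """Hash the file in chunks so large tarballs are not read into memory."""
    digest = hashlib.md5()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def classify(path, good_line=KNOWN_GOOD, bad_line=KNOWN_TROJANED):
    """Return 'trojaned', 'good' or 'unknown' for the file at path.

    'unknown' means the digest matches neither published value; treat it
    like 'trojaned' and do not build from the file until it is explained.
    """
    _, good = parse_bsd_md5(good_line)
    _, bad = parse_bsd_md5(bad_line)
    actual = md5_of(path)
    if actual == bad:
        return "trojaned"
    if actual == good:
        return "good"
    return "unknown"


if __name__ == "__main__":
    import sys
    for tarball in sys.argv[1:]:
        print(f"{tarball}: {classify(tarball)}")
```

Run it with the path of the downloaded tarball as the argument, before unpacking or running `configure`.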


