Mailinglist Archive: opensuse-security (334 mails)

< Previous Next >
Re: [suse-security] amavisd-new compromised?
  • From: Sven 'Darkman' Michels <sven@xxxxxxxxxx>
  • Date: Mon, 01 Sep 2003 11:23:57 +0200
  • Message-id: <3F53102D.9050302@xxxxxxxxxx>

GentooRulez wrote:
Hi all,

When i do

root@box:/home/sources > md5sum amavisd-new-20030616-p5.tar.gz
13e2ff0818e07f2a86327b641b97a5d6 amavisd-new-20030616-p5.tar.gz

with a freshly downloaded tar.gz from

the md5 sum differs from the one i find near by the download link.

which is

13c76432e957ccd302856f64526483a2 amavisd-new-20030616-p5.tar.gz

can't confirm here:

sven@ezri:~/tmp/amavis/check> wget
=> `amavisd-new-20030616-p5.tar.gz'
Connecting to connected!
HTTP request sent, awaiting response... 200 OK
Length: 291,067 [application/x-gzip]


11:19:26 (76.02 KB/s) - `amavisd-new-20030616-p5.tar.gz' saved [291067/291067]

sven@ezri:~/tmp/amavis/check> md5sum amavisd-new-20030616-p5.tar.gz
13c76432e957ccd302856f64526483a2 amavisd-new-20030616-p5.tar.gz

Any hints?

maybe, if you use a proxy, it's broken, or you've a hdd problem.
If you want to compare my file with yours, just drop me a line,
maybe it's compromised and the md5 checksum is changed or so.
(it's not that hard to change a .md5 file if i can change the
content itself ;)

have fun,

PS: if you think something is compromised you should contact the
autor of the maybe compromised soft, too. It's the best source
to confirm such things :)

< Previous Next >
List Navigation