[GLLUG] Re: Blackhats and md5sums
c.tower@express56.com
c.tower@express56.com
Fri, 2 Aug 2002 21:56:49 -0400 (EDT)
I didn't know there was ANY time between the 30th and 31st of July. That
must be how the perpetrators put their bogus code on a secure server; they
exploited a previously unknown vulnerability in the Julian calendar!
Chick
> -------- Original Message --------
> Well, if you think you are safe rebuilding from source, think again...
>
>
> 1. Systems affected:
>
> OpenSSH version 3.2.2p1, 3.4p1 and 3.4 have been trojaned on the
> OpenBSD ftp server and potentially propagated via the normal mirroring
> process to other ftp servers. The code was inserted some time between
> the 30th and 31th of July....
----------------------------------------------
Unlimited Internet access at only $6.95/month.
http://www.EXPRESS56.COM/?refsource=webmail