Fwd: [suse-security-announce] Not affected: openssh trojan from ftp.openbsd.org

Subject: Fwd: [suse-security-announce] Not affected: openssh trojan from ftp.openbsd.org
From: W.D.McKinney (deem@wdm.com)
Date: Thu Aug 01 2002 - 09:13:14 AKDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Next message: Arthur Corliss: "Re: openssh-3.4p1.tar.gz apparently trojaned"
• Previous message: Jim Gribbin: "openssh-3.4p1.tar.gz apparently trojaned"

Nice to know that the SuSE systems are OK.

----- Forwarded message from Roman Drahtmueller <draht@suse.de> -----

> To: suse-security-announce@suse.com
> From: Roman Drahtmueller <draht@suse.de>
> Date: Thu, 1 Aug 2002 14:51:48 +0200 (MEST)
> Subject: [suse-security-announce] Not affected: openssh trojan from ftp.openbsd.org
> Reply-To: Roman Drahtmueller <draht@suse.de>
>
> -----BEGIN PGP SIGNED MESSAGE-----
>
> Thu Aug 1 14:40:28 MEST 2002
>
>
> The openssh source tarball openssh-3.4p1.tar.gz from the openbsd ftp
> server ftp.openbsd.org has been trojaned with code that opens network
> connections to a server in the internet (203.62.158.32:6667) at compile
> time. The backdoor does not have any influence on the runtime behaviour of
> the package to our current knowlege. As of now, the package on the openbsd
> ftp server has not been removed/cleaned.
>
> The SuSE openssh package for SuSE Linux 8.0 has the same version 3.4p1,
> but it is built from non-trojaned sources. Therefore, the SuSE openssh
> packages are not affected by this backdoor.
>
> We thank our users who have expressed their concerns about the backdoor
> when they notified SuSE Security, and to Len Rose from
> full-disclosure@lists.netsys.com.
>
> Regards,
> Roman Drahtmüller,
> SuSE Security.
> - --
> - -
> | Roman Drahtmüller <draht@suse.de> // "You don't need eyes to see, |
> SuSE Linux AG - Security Phone: // you need vision!"
> | Nürnberg, Germany +49-911-740530 // Maxi Jazz, Faithless |
> - -
>
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6.3i
> Charset: noconv
>
> iQEVAwUBPUku1Hey5gA9JdPZAQHNgwf7Bj2C9aJyCR+ooCxOr/2wpTYKkn0wEHFS
> DsKUXyXWXKXQORs09npwxVh2NF9WIotreDAwG4MOnLgMdGD6ai+rcV0Y16UIo0YC
> V8SwhpKemDTHPCnDZq9TTywsWhXIpsOmFZelHqbzEvbL99Ibf7GCDfMmfAYkId+E
> WOaC9LA5MPICiMQYB/o1hRpiU49iKvEfvOWzYb3E+OcA1vKiYdO9cmSQXNXV50oS
> l5FR345zGnl1dWvu6jbXaxNwgbMeWF1T5Ow0RE7a6/9iA/WiGaNAkd8GVUPSDW0G
> r+xCYmmcp5VNb3UnMlZLa6FQP8pmNYJtI6emVAGRo5mBPmwxC3S2JA==
> =CLck
> -----END PGP SIGNATURE-----
>
>
> --
> To unsubscribe, e-mail: suse-security-announce-unsubscribe@suse.com
> For additional commands, e-mail: suse-security-announce-help@suse.com

----- End forwarded message -----

-- 
W.D.McKinney (Dee)
http://3519098920
---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.

• Next message: Arthur Corliss: "Re: openssh-3.4p1.tar.gz apparently trojaned"
• Previous message: Jim Gribbin: "openssh-3.4p1.tar.gz apparently trojaned"

This archive was generated by hypermail 2a23 : Thu Aug 01 2002 - 09:13:20 AKDT