HZFQ.COM
welcome to my space
X
Search:  
Welcome to:hzfq.com
Writing | Self Help | Travel | Wines and Spirits | Plastic Surgeries | Advertising | Forums | Banking | Related articles
 HOME   OpenSSH Hit with Trojan; Mirrors Compromised

OpenSSH Hit with Trojan; Mirrors Compromised

Published by: webmaster 2008-11-21

A day after warning of multiple vulnerabilities in the OpenSSL protocol, the CERT Coordination Center (CERT/CC) issued an alert that some copies of the source code for the OpenSSH package contain a Trojan horse.

OXXus.net: Web Hosting::
Oxxus.net Web hosting: Web hosting community! tried again now but same problem, are their mirrors for the security servers?
http://www.oxxus.net/blog/page/15/HOME
The security outfit warned that an unknown intruder modified files in the openssh-3.4p1.tar.gz, openssh-3.4.tgz and openssh-3.2.2p1.tar.gz to include malicious code and warned that mirrors of the OpenSSH download may be compromised. The main openBSD mirror was trojaned.

"We strongly encourage sites which employ, redistribute, or mirror the OpenSSH package to immediately verify the integrity of their distribution," CERT/CC said in the advisory.

MacInTouch Security Archive::
vulnerability to execute commands with the privileges of OpenSSH, usually root. packages detection for a Trojan horse program reportedly under
http://www.macintouch.com/securityarch_2001.01.htmlHOME
Cryptography/Privacy - forkb0mb.org::
here, only letting you know that youve been compromised after-the-fact. OpenSSH (ssh, scp, sftp, etc) CrytoLoop file-system (Linux)
http://www.forkb0mb.org/content/index.php?/categories/40-CryptographyPrivacyHOME
Developers on security message boards say the malicious code does not appear sophisticated but could be remotely programmed to give intruders root access machines.

"When building the OpenSSH binaries, the trojan resides in bf-test.c and causes code to execute which connects to a specified IP address. The destination port is normally used by the IRC protocol. A connection attempt is made once an hour. If the connection is successful, arbitrary commands may be executed," the group warned.

It is the second major bug found in OpenSSH in the last few months. In June, serious flaws were found and fixed in versions 2.3.1p1 through 3.3 of the open-source tool, which is used by developers as a secure alternative to Telnet Rlogin, Rsh, and FTP.

The malicious files appear to have been placed on the FTP server which hosts ftp.openssh.com and ftp.openbsd.org between July 30 or 31, almost two full days before the OpenSSH development team could replace the Trojan horse copies with the original, uncompromised versions. That means the Trojan horse copy of the source code was available long enough for copies to propagate to sites that mirror the OpenSSH site, CERT warned.

"The Trojan horse versions of OpenSSH contain malicious code that is run when the software is compiled. This code connects to a fixed remote server on 6667/tcp. It can then open a shell running as the user who compiled OpenSSH," the Center said.

OpenSSH users are urged to go to the primary distribution site for the software at OpenSSH.com.


W3C Reformulates XHTML 1.0
Government Against Full Disclosure of Vulnerabilities

You are looking at:hzfq.com's OpenSSH Hit with Trojan; Mirrors Compromised, click hzfq.com to home

#If you have any other info about this subject , Please add it free.#
Your name:
E-mail:
Telphone:

Your comments:


If you have any other info about OpenSSH Hit with Trojan; Mirrors Compromised , Please add it free.

About us -Site map -Advertisement -Jion us -Contact usExchange linksSponsor us
Copyright© 2008 hzfq.com All Rights Reserved
Site made&Support support@hzfq.com    E-mail: web@hzfq.com