| 1 |
Am 01 Aug 2002 12:18:53 +0300 |
| 2 |
schrieb Vitaly Kushneriuk <vitaly_kushneriuk@×××××.com>: |
| 3 |
|
| 4 |
> It's indeed looks like a trojan. It doesn't send you'r etc/passwd tho. |
| 5 |
> It connects to the 203.62.158.32[web.snsonline.net.] port 6667[irc] |
| 6 |
> and opens shell session on that connection, so that whoever is in |
| 7 |
> control there will be able to execute arbitraty commands on your system |
| 8 |
> with you'r current privileges. especialy dangerouus if you compile as |
| 9 |
> root. |
| 10 |
|
| 11 |
im not so big into the code, but the file @ ibiblio.org seems to be ok |
| 12 |
|
| 13 |
ftp://ibiblio.org/pub/Linux/distributions/gentoo/distfiles/openssh-3.4p1.tar.gz |
| 14 |
|
| 15 |
-rw-r--r-- 1 raven users 837668 08-01 12:06 |
| 16 |
openssh-3.4p1.tar.gz.ibiblio.org |
| 17 |
-rw-r--r-- 1 raven users 840574 08-01 11:46 openssh-3.4p1.tar.gz.dangerous_from.ftp.openbsd.org |
| 18 |
-rw-r--r-- 1 root root 837668 08-01 11:35 |
| 19 |
openssh-3.4p1.tar.gz.ok |
| 20 |
|
| 21 |
see the different sizes? interesting. that says enough. |
| 22 |
|
| 23 |
however the file mentionen (openbsd-compat/bf-test.c) doesnt exist in the ibiblio version |
| 24 |
so i hope this one is clean. |
| 25 |
|
| 26 |
|
| 27 |
such thing must never happen! |
| 28 |
|
| 29 |
|
| 30 |
Corvus Corax |
Archives