Slashdot Mirror

← Back to Stories (view on slashdot.org)

OpenSSH Package Trojaned

Posted by michael on from the md5-saves-lives dept.

cperciva writes "The original story is here. And more details are available from the guy's weblog here." Here's a mirror of that email message. Another reader writes, "Not really a trojan because all it does is make a connection to 203.62.158.32:6667." Still another writes "The tarball of the portable OpenSSH on ftp.openbsd.org is trojaned. The backdoor is only used during build - generated binaries are fine." There isn't much authoritative information available, but this appears legitimate - please be careful if you're updating any of your machines with code from ftp.openbsd.org, and we'll update this story with more links as information is available. Update: 08/01 19:13 GMT by M : OpenSSH now has an advisory.

2 of 566 comments (clear)

  1. What's the big worry by back@slash · · Score: 5, Funny

    C:\>bf-output.sh
    'bf-output.sh' is not recognized as an internal or external command,
    operable program or batch file

    This trojan doesn't look very 31337 to me.

    --
    This comment was generated by a Squadron of Ultra Ninjas
  2. Re:Just a Thought to prevent this.. by yatest5 · · Score: 5, Funny

    If there would be some configure/make environment that prevents or asks before outgoing connections and checks for possibly dangerous commands, that are unusual to call upon a ./configure run, wouldn't that prevent things like this to happen again?

    Yes, I recommend having the installation banned from creating / deleting / running any files.

    --
    • Mod parent up! [a] by Anonymous Coward (Score:5) Thurs, June 31, @13:37