Slashdot Mirror

← Back to Stories (view on slashdot.org)

CERT: Sendmail Distribution Contained Trojan Horse

Posted by michael on from the security-starts-inside dept.

Scoria writes "According to a CERT advisory published this afternoon, the public distribution of Sendmail 8.12.6 contained a trojan horse from September 28 to October 6. For more detailed information, please consult advisory CA-2002-28." This sounds very much like what happened to OpenSSH.

16 of 324 comments (clear)

  1. But that's okay... by Anonymous Coward · · Score: 5, Funny

    As long as you could also get the source to the Trojan, as well... right?

  2. Don't worry by bsharitt · · Score: 1, Funny

    Don't worry, there are no soldiers inside the Tojan horse.

  3. Microsoft Sux!!! by Anonymous Coward · · Score: 3, Funny

    What?! It's not M$? oh.......

  4. Thank GOD for Microsoft! by eamber · · Score: 5, Funny

    Good thing I use Exchange Server. I've got a tight ship there.

    1. Re:Thank GOD for Microsoft! by Anonymous Coward · · Score: 1, Funny

      Oh damn! Can I have your IP address to that MS Exchange Server please?

    2. Re:Thank GOD for Microsoft! by Sabalon · · Score: 5, Funny

      Don't forget that according to the earlier article you will now need to pay extra for that tight ship - otherwise you get the submarine with the screen door.

  5. This is a good reason to get windows! by greenskyx · · Score: 4, Funny

    That way when you get your software you know who put the security holes in it. It's all part of trustworthy computing... ;-)

  6. Sendmail by Anonymous Coward · · Score: 2, Funny

    Further proof that security through obscurity don't work.

  7. Re:Checksums by Anonymous Coward · · Score: 5, Funny

    Also can't forget about the black hats and chinese/russian/terrorist groups as well.

    Incorrect md5 sums certainly strike terror into my heart.

  8. Re:Upgrade? by Anonymous Coward · · Score: 1, Funny

    Yeah right. Admit it, It is because you can't decipher the config file so you can upgrade.

  9. This is a new low by Anonymous Coward · · Score: 1, Funny
    I tell you, when I was a lad, we had real crackers. Nowadays, these lamers are so useless they have to put more holes into a sendmail distro!

    Seriously. What is the w0rld coming to.

  10. Re:A Sad Day for Egg Troll by benwb · · Score: 3, Funny

    Yes, of course, that was exactly what I meant. Thank goodness you were on the ball, or someone would have thought that I was alluding to Fort Knox's traditional reputation of extremely high security.

  11. Re:Only the FTP... by Quixote · · Score: 4, Funny
    I even seem to remember pressed CDs being distributed with trojans.

    Surely these can't be Microsoft CDs!?! According to a KB article at Microsoft.com, "Disks are duplicated on a variety of industrial strength, quality focused systems. Most of these systems are UNIX-based. The UNIX-based duplication systems used in manufacturing are impervious to MS-DOS-based, Windows-based, and Macintosh-based viruses."

  12. Re:LMAO! by Wdomburg · · Score: 4, Funny

    >It is still funny, simply because it is yet
    >another sendmail problem.

    Yeah, and if someone breaks into your house and pees on your carpet, it's yet another carpet problem.

    Matt

  13. Re:Hardly news ... by Trogre · · Score: 5, Funny

    Let's see, a Trojan Horse is basically defined as an undocumented chunk of code hiding inside a program, which does something that you don't know about or understand.

    Not quite.
    A Trojan Horse is defined as a big wooden horse which sat outside the ancient city of Troy, just large enough to happily contain 700 greeks in full battle dress and still leave adequate room for toilet facilities.

    For more information read Homers's Iliad.

    --
    "Nine times out of ten, starting a fire is not the best way to solve the problem." - my wife
  14. Re:I got the bastard's IP by Anonymous Coward · · Score: 1, Funny

    actually, the cat's name is snuffy. she's 19.

    unfortunately guys, chances are i've been framed. by who? no idea. why? can't say.

    possibly jealous of my cat?