CERT: Sendmail Distribution Contained Trojan Horse

← Back to Stories (view on slashdot.org)

CERT: Sendmail Distribution Contained Trojan Horse

Posted by michael on Tuesday October 8, 2002 @01:28PM from the security-starts-inside dept.

Scoria writes "According to a CERT advisory published this afternoon, the public distribution of Sendmail 8.12.6 contained a trojan horse from September 28 to October 6. For more detailed information, please consult advisory CA-2002-28." This sounds very much like what happened to OpenSSH.

5 of 324 comments (clear)

But that's okay... by Anonymous Coward · 2002-10-08 13:29 · Score: 5, Funny

As long as you could also get the source to the Trojan, as well... right?
Thank GOD for Microsoft! by eamber · 2002-10-08 13:40 · Score: 5, Funny

Good thing I use Exchange Server. I've got a tight ship there.
1. Re:Thank GOD for Microsoft! by Sabalon · 2002-10-08 14:31 · Score: 5, Funny
  
  Don't forget that according to the earlier article you will now need to pay extra for that tight ship - otherwise you get the submarine with the screen door.
Re:Checksums by Anonymous Coward · 2002-10-08 13:50 · Score: 5, Funny

Also can't forget about the black hats and chinese/russian/terrorist groups as well.

Incorrect md5 sums certainly strike terror into my heart.
Re:Hardly news ... by Trogre · 2002-10-08 15:15 · Score: 5, Funny

Let's see, a Trojan Horse is basically defined as an undocumented chunk of code hiding inside a program, which does something that you don't know about or understand.

Not quite.
A Trojan Horse is defined as a big wooden horse which sat outside the ancient city of Troy, just large enough to happily contain 700 greeks in full battle dress and still leave adequate room for toilet facilities.

For more information read Homers's Iliad.

--
"Nine times out of ten, starting a fire is not the best way to solve the problem." - my wife