Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Re: bitchx sources backdoored on distribution site
From: Neeko Oni (neekohaackey.com)
Date: Mon Apr 14 2003 - 20:03:21 CDT
From ftp.bitchx.org (msg in /pub):
* * * * * * A T T E N T I O N * * * * * *
Over the weekend of April 12th and 13th someone once again was releasing
back doored code for BitchX on a false ftp site that was linked from the
official BitchX Website. We stress to everyone to please take notice of
information that we post on http://faq.bitchx.org to help prevent these
problems from causing you to download falsified source code for BitchX.
So it's entirely possible the source you downloaded was backdoored; It
would have been nicer had you included the site you downloaded from.
According to bitchx.org it looks like it was only one off-site FTP.
As it was an 'official' FTP (the assumption we're making), whether
they're to blame or not is left for someone else to decide.
(Hey Bugtraq mod, wake up.)
> Content-Type: text/plain; charset=iso-8859-2
> Content-Disposition: inline
> Content-Transfer-Encoding: 8bit
> Can anyone verify that the bitchx 1.0c19 sources are backdoored.