Hi again,
to be a little more concrete: about 10 minutes ago I downloaded the tarball of openssh-3.4p1 which is actually available on ftp.openbsd.org.
I untared it, cd'd to openbsd-compat and did a gcc bf-test.c -o bf-test. After this I did sh bftest > bftest.sh and finally got a shell script which
contains the same as reported on the link below. So there is definitively a connection attempt to this server - but actually I do not know
waht it is good for. Could there be some legal reaseon for this?!?

Christoph

BTW: were are just trying to double-check the sig of the tarball but due to probs with the keyservers didn't have results for now...

1.8.2002 10:45:59, Christoph Wegener <cwebph.ruhr-uni-bochum.de> wrote:

>Hi everybody,
>I just checked it double: YES the openssh-3.4p1.tar.gz on ftp.openbsd.org is TROJANED!!! I downloaded our versions here just after
there
>were released from the OpenSSH team, these ones seem to be clean. BUT: The version which is actually available on ftp.openbsd.org is
>NOT clean! Or did I make a mistake in my analysis?!?
>
>So is this the time to say good bye to OpenSSH?!? ;))
>
>Christoph
>
>1.8.2002 10:21:21, Len Rose <lennetsys.com> wrote:
>
>>
>>Not implying that SuSE has this problem (it doesn't) but
>>you may wish to read this:
>>
>>http://lists.netsys.com/pipermail/full-disclosure/2002-August/000734.html

--
    .-.                             Ruhr-Universitaet Bochum
    /v\    L   I   N   U   X        Lehrstuhl fuer Biophysik
   // \\  >Penguin Computing<       c/o Christoph Wegener
  /(   )\                           Gebaeude ND 04/Nord
   ^^-^^                            D-44780 Bochum, GERMANY
Tel: +49 (234) 32-25754             Fax: +49 (234) 32-14626
mailto:cwebph.ruhr-uni-bochum.de   http://www.bph.ruhr-uni-bochum.de
-- 
To unsubscribe, e-mail: suse-security-unsubscribesuse.com
For additional commands, e-mail: suse-security-helpsuse.com
Security-related bug reports go to securitysuse.de, not here

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]