OpenSSH Hit with Trojan; Mirrors Compromised - InternetNews.com

REALTIME IT NEWS

Blogs | 7 Day Summary | JustTechJobs

Hardware
- UCSD Plans First Flash-Based ...
- Digging Into N.Y.'s ...
- nVidia's CEO Admits Supply ...
Software
- Red Hat Virtualization ...
- eBay, Skype Founders Settle ...
- Patch Tuesday Will Tackle ...
Mobility
- Analyst: Sony-Ericsson's ...
- Smartphone Shipments Up, ...
- Droid First Step in iPhone ...
Web Content
- Microsoft Sites Up Big in ...
- Facebook, MySpace Talk Tough ...
- Google, Ad Networks Tighten ...
Search
- Ballmer: Yahoo Bing Deal ...
- Google Brings Enterprise ...
- Google Friend Connect Gets ...
Government
- Lawmakers Float Bill to ...
- NCTA Chief Urges Feds to ...
- EC May Block Oracle/Sun ...
Developer
- IBM Brings Developers Into ...
- Apache at 10: You Can't Buy ...
- Microsoft's CodePlex ...
Business
- Cisco Sends Stocks Soaring
- nVidia Blows Past Revenue, ...
- Windows 7 Drives a 49% Spike ...
Storage
- Cisco, VMware, EMC Forge ...
- Micron Flash Advance: Live ...
- Storage Players Forge Cloud ...
E-Commerce
- Coupon Site Targets Black ...
- PayPal Opens Up Payment ...
- Google Helps With the ...
Networking
- Cisco: Enterprise IT Leading ...
- ScaleMP Adds Cloud ...
- Cisco Acquires Chinese ...

Blogs
Most Popular
Hot Topics
Opinion

Google's Chrome browser updated for security fixes

Mozilla updates Firefox 3.5.5 for 'annoying' bug

Zoho takes pride in Microsoft's 'Fake Office' zing

Senate committee clears data breach bills

Google brings Closure to open source JavaScript devs

Cisco's Chambers & EMC's Tucci: Buddies in Bad Times

Adobe updates Shockwave for 5 critical vulnerabilities

Sun updates Java 6 for the 17th time

AMD opening shop in the Middle East?

Creative: cooking up an e-reader?

[ More ]

Subscribe
Learn More
Stats
Contact Staff

Select a newsletter and click Join to sign up!

InternetNews.com Podcast

InternetNews.com
Channel XML/RSS Feeds

InternetNews.com

IT Business News

Software IT News

Hardware IT News

Government News

Enterprise IT Planet News

Networking News

IT Security News

Web Content News

Click a Topic to Expand

The Social Web

The New Idiot Box

Feeling the Need for RSS Feeds

Apple vs. Bloggers

Enterprise Web 2.0

Politics And Web 2.0

Web Services Management

Web services: Evolution or Revolution

Making Money Off The Social Web

The Lure of The Social Network

The Privacy of Social Networking

My Grand Google Obsession

Coding Google's Future

Google Fun in The Summer

Google Pushes Apps

Google's Data Ambitions

Google's Way With Words

Google, Opponents Square Off in DoubleClick Bid

Microsoft's Past Present And Future

The Vista Ripple Effect

A New Era For Microsoft

Eolas, Microsoft Duke it Out over ActiveX

Microsoft Preps Security Makeover for XP

Microsoft's Security Challenge

Microsoft's Storage Ambitions

Microsoft, AOL Become Partners

Microsoft/Yahoo: Can It Work?

Sun, Microsoft Bandage Old Wounds

The Next Microsoft Era

Truth Time at Microsoft's PDC

XML, Microsoft Threaten Adobe's PDF Format

Will Office 2003 Change Everything?

Mobile Universe

Motorola in Trouble

City-Wide Wi-Fi

Connected in The Windy City

Ultrawideband in the Home

Wi-Fi's Hotspots

CTIA in The Big Easy

Technology, Policy and Politics

3G at Home and Abroad

The Competitive Mobile Landscape

CTIA: A Wireless World in Sin City

Gadget Fest: CTIA Wireless 2008

Wireless Policy in Washington

Cradle to Grave Information Management

Disaster Recovery and Continuity

The Storage Compliance Boom

Compliance, Regulation And Storage

Calling all Clusters, Supercomputers

Database Software Continues to Evolve

Tech's Legal Battles

Google in Court

RIM Has Patent Issues

Microsoft In Court

Technology in the Courts

End of the IE Antitrust Case

Microsoft's Legal Struggles

The AMD/Intel Antitrust Showdown

A Patent Battle on eBay Territory

Google, Microsoft and Yahoo's Three-Way Search Battle

Calling Net Neutrality

Microsoft's EU Blues

Vonage on The Patent Hot Seat

Platforms and New Packages

VMware and the Virtualization Craze

Virtualization for All

SOAs in The Enterprise

Application Server Biz on the Rebound

Curtain Drawn on Windows Server 2003

SaaS in The Market

Struggling to Stay Atop the Server Market

Web Standards Bodies Fight for Freedom

Open Source Ecosystem

Microsoft: Loosening the Grip on Source

Showcasing Java

Sun a 'Tiger' at JavaOne

The Future of Java

GPL: Software Freedom Redefined

Linux in the Enterprise

Linux on the Desktop

LinuxWorld 04: A More Mature Tux

LinuxWorld Storms San Francisco

LinuxWorld Takes Boston

LinuxWorld by the Bay

Oracle's Linux Realm

SCO Declares War on Linux

The Growth of Linux-Based Storage

The Linux Kernel

Novell, Microsoft in Open Dance

Open Source Open for Business

Open-source Databases Gathering Steam

Oracle Plants Flag at OpenWorld 2006

Evolution of Search

Competing for the Search Lead

Enterprise Search Ready for Prime Time

Mobile Search Takes Flight

Racing To Dominate Desktop Search

Search And Censorship

Search Engine Optimization

Search Meets Mapping

Thinner Slices of The Paid Search Pie


Partner With Us

OpenSSH Hit with Trojan; Mirrors Compromised

CERT warns that some copies of the source code for the OpenSSH package contain a Trojan horse. Compromised downloads may still be circulating on the Internet.

Share this Article

Print this Article

Comment on this article

Email this Article

August 2, 2002
By Ryan Naraine: More stories by this author:

A day after warning of multiple vulnerabilities in the OpenSSL protocol, the CERT Coordination Center (CERT/CC) issued an alert that some copies of the source code for the OpenSSH package contain a Trojan horse.

The security outfit warned that an unknown intruder modified files in the openssh-3.4p1.tar.gz, openssh-3.4.tgz and openssh-3.2.2p1.tar.gz to include malicious code and warned that mirrors of the OpenSSH download may be compromised. The main openBSD mirror was trojaned.

"We strongly encourage sites which employ, redistribute, or mirror the OpenSSH package to immediately verify the integrity of their distribution," CERT/CC said in the advisory.

Developers on security message boards say the malicious code does not appear sophisticated but could be remotely programmed to give intruders root access machines.

"When building the OpenSSH binaries, the trojan resides in bf-test.c and causes code to execute which connects to a specified IP address. The destination port is normally used by the IRC protocol. A connection attempt is made once an hour. If the connection is successful, arbitrary commands may be executed," the group warned.

RELATED ARTICLES

MS Issues Patch to Plug WMP Holes
Serious OpenSSH Flaw Detected
Apache Chunk Handling Bug Detected
Holes Still Linger in Yahoo Messenger

It is the second major bug found in OpenSSH in the last few months. In June, serious flaws were found and fixed in versions 2.3.1p1 through 3.3 of the open-source tool, which is used by developers as a secure alternative to Telnet Rlogin, Rsh, and FTP.

The malicious files appear to have been placed on the FTP server which hosts ftp.openssh.com and ftp.openbsd.org between July 30 or 31, almost two full days before the OpenSSH development team could replace the Trojan horse copies with the original, uncompromised versions. That means the Trojan horse copy of the source code was available long enough for copies to propagate to sites that mirror the OpenSSH site, CERT warned.

"The Trojan horse versions of OpenSSH contain malicious code that is run when the software is compiled. This code connects to a fixed remote server on 6667/tcp. It can then open a shell running as the user who compiled OpenSSH," the Center said.

OpenSSH users are urged to go to the primary distribution site for the software at OpenSSH.com.

LATEST NEWS

UCSD Plans First Flash-Based Supercomputer

Digging Into N.Y.'s Antitrust Suit Against Intel

Analyst: Sony-Ericsson's Android Bid Is Late

Coupon Site Targets Black Friday, Cyber Monday

Microsoft Sites Up Big in Time Spent Online

Share this Article

Print this Article

Comment on this article

Email this Article

Developer Archives | 7 Day InternetNews Summary | Contact Ryan Naraine | Back to top

Add internetnews.com
to your browser search box.

Receive news
via our XML/RSS:
feed

More InternetNews.com

Hardware	Software	Mobility	Web Content
Analyst: iPhone Gearing Up for Enterprise Growth nVidia Blows Past Revenue, Earnings Projections Boom Times Already Here for Netbooks?	CA Tunes Up PCs From the Cloud Microsoft Laying Off More Workers Microsoft Targets Salesforce and Oracle	Verizon's Eris Ups Its Bet on Android 'Jailbroken' Dutch iPhones Held for iRansom China's Mobile Gray Market Looms Large	MSN Home Page Getting an Extreme Makeover Google Friend Connect Gets Personal Time Warner Looks Ahead to Future Without AOL
Search	Government	Developer	Business
Google Brings Enterprise Search to E-Tailers Yahoo, Microsoft Still Negotiating on Search Deal Bartz: Yahoo Will Rise Again	Ruiz Insider Trading Charge May Be Overblown Looking for Reason in the Net Neutrality Debate Citizens Happier Than Ever With e-Gov Sites	Nokia Latest to Play Opera Mobile 10 Browser PayPal Opens Up Payment Platform to Devs Ubuntu Linux 9.10 'Karmic Koala' Starts Its Climb	eBay, Skype Founders Settle Fight Ballmer: Yahoo Bing Deal Will Be Global nVidia's CEO Admits Supply Chain Problems
Storage	E-Commerce	Networking	Security
Hitachi Looks to the Cloud for Storage Iomega Launches Consumer/SMB NAS Device Analyst Ups EMC Estimate, Price Target	Google Helps With the Password Juggle Facebook Wins $711M in 'Spam King' Lawsuit Craigslist's Newmark on Media's New Curator Role	ScaleMP Adds Cloud Virtualization for Servers Cisco, VMware, EMC Forge Datacenter Alliance Cisco Acquires Chinese Set-Top Box Vendor	Google, Ad Networks Tighten Privacy Controls McAfee Unveils Appliance for SMB Set 'Scareware' and Worms Top Corporate Threat List

JustTechJobs.com

Project Manager-Fixed Income-GMI Futures Operations Account Executive – Technology Sales, New Business (NoCA) Senior Network Engineer - Juniper (NYC)

JAVA Developer – Trading Industry (NYC) Engagement Manager (AZ) IP Network Engineer

WebMediaBrands Corporate Info

Legal Notices, Licensing, Reprints, Permissions, Privacy Policy.
Advertise | Newsletters | Shopping | E-mail Offers | Freelance Jobs

Whitepapers and eBooks

Adobe Article: Adobe Helps PHP Developers Create Rich Internet Applications
Adobe Article: Java Developers Finding a Home at Adobe Flex
IBM Articles: A Smarter Business Needs Smarter Technology
Intel Xeon Processor Increases Server Efficiency and Capabilities
Intel Tech Brief: Automated Energy Efficiency for the Intelligent Enterprise
Oracle Whitepaper: Using Oracle In-Memory Database Cache to Accelerate the Oracle Database
Oracle Whitepapers - Innovation for IT Leaders
Avaya Article: Communication-Enabled Mashups--Empowering Both Business Owners and IT

Internet.com eBook: IT Manager's Guide to Social Networking
Internet.com eBook: Get Ready for Windows 7
Microsoft Article: Expression Web 3--New Features for PHP Developers
Whitepapers: Manage Your Business Infrastracture with IBM
Whitepaper: Maximize Your Storage Investment with HP
Internet.com eBook: Becoming a Better Project Manager
Microsoft Article: Stress Free and Efficient Designer/Developer Collaboration
MORE WHITEPAPERS, EBOOKS, AND ARTICLES

Webcasts

Webcast: Connecting PHP to Microsoft Technologies
Video: Microsoft Partner Program Benefits
Video: Windows Azure Debugging Tips
SAP BusinessObjects Webcast: Unlock the Power of Reporting with Crystal Reports

IBM Webcast: Speed Business Innovation with Reduced Cost and Risk
Video: Deploy Applications on Windows Azure
MORE WEBCASTS, PODCASTS, AND VIDEOS

Downloads and eKits

Downloads & Free Trials: Microsoft's New Efficiency Resource Center
Get the Windows 7 SDK
Free Trial: Red Gate SQL Backup Pro 6

Iron Speed Designer Application Generator
MORE DOWNLOADS, EKITS, AND FREE TRIALS

Tutorials and Demos

Virtual Lab: Migrating PHP Applications
Enabling Web Slices and Accelerators with a PHP Site
Internet.com Hot List: Get the Inside Scoop on the Hottest IT and Developer Products

All About Botnets
MORE TUTORIALS, DEMOS AND STEP-BY-STEP GUIDES