Re: (fwd) OpenSSH trojan!

To: Vincent Hanquez <tab@crans.org>
Cc: Florian Weimer <Weimer@CERT.Uni-Stuttgart.DE>, debian-security@lists.debian.org
Subject: Re: (fwd) OpenSSH trojan!
From: Halil Demirezen <halild@bilmuh.ege.edu.tr>
Date: Fri, 2 Aug 2002 17:10:11 +0300 (EEST)
Message-id: <[🔎] Pine.LNX.4.21.0208021707430.26167-100000@bilmuh>
In-reply-to: <[🔎] 20020802135343.GA3749@darwin.crans.org>

I wanna make it clear.

We are using OpenSSH_3.4p1 Debian 1:3.4p1-1, SSH protocols 1.5/2.0,
OpenSSL 0x0090603f

and we installed the ssh from the deb packages using
apt-get install utility.

I wonder if there is any risk on this stable version of OpenSSH (Debian)
undependent from openbsd's source tarball?

if there is, how can i fix it with the real stable one?

sincerely.

On Fri, 2 Aug 2002, Vincent Hanquez wrote:

> On Fri, Aug 02, 2002 at 03:36:53PM +0200, Florian Weimer wrote:
> > Vincent Hanquez <tab@crans.org> writes:
> > 
> > > as the others said, no.
> > > only Openbsd source package has been trojaned
> > 
> > No, both 3.4p1 and 3.2.2p1 (portable versions) have been changed, too.
> 
> sorry i've forget a word. I was speaking of Openbsd's ftp.
> 
> -- 
> Tab
> 
> 
> -- 
> To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>

Reply to:

Follow-Ups:
- Re: (fwd) OpenSSH trojan!
  - From: Florian Weimer <Weimer@CERT.Uni-Stuttgart.DE>
- Re: (fwd) OpenSSH trojan!
  - From: Vincent Hanquez <tab@crans.org>

References:
- Re: (fwd) OpenSSH trojan!
  - From: Vincent Hanquez <tab@crans.org>

Prev by Date: Re: (fwd) OpenSSH trojan!
Next by Date: Re: (fwd) OpenSSH trojan!
Previous by thread: Re: (fwd) OpenSSH trojan!
Next by thread: Re: (fwd) OpenSSH trojan!
Index(es):
- Date
- Thread