Date: Tue, 6 Aug 2002 13:01:28 +0100 From: Kevin Golding <kevin@caomhin.demon.co.uk> To: Fabrizio Ravazzini <freefabri@yahoo.it> Cc: freebsd-security@freebsd.org Subject: Re: OpenSSh trojan on fbsd 4.5 Message-ID: <nn1d64BYq7T9EwjA@caomhin.demon.co.uk> In-Reply-To: <20020806113013.1491.qmail@web20105.mail.yahoo.com> References: <20020806113013.1491.qmail@web20105.mail.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Someone, quite probably Fabrizio Ravazzini, once wrote: >Hello all I've installed a server on Freebsd 4.5 >Stable. >I know that latest versions of OpenSSH, such 3.2.2p1 >3.4p1 and 3.4 are trojaned. >I think that Openssh on my system is something like >3.0.2, is that right? 2.9 iirc ssh -V will tell you accurately. >Or, is the version of ssh in my box trojaned? >Thanx bye Basically you were only at risk if you installed a later version deliberately, and if you did that from ports you would have still needed to explicitly tell the install to ignore certain security checks. Basically a default install is unaffected. Kevin -- kevin@caomhin.demon.co.uk To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?nn1d64BYq7T9EwjA>