Vulnerability Development mailing list archives

Re: ssh trojaned

From: "Alex Lambert" <alambert () webmaster com>
Date: Tue, 6 Aug 2002 11:38:53 -0500

iirc, the trojaned version of epic was served to specific ip ranges

I assume you mean BitchX, epic has never been trojaned.


It was IRSSI that has been trojaned, not BitchX.


It was both.

http://www.irssi.org/?page=backdoor

"There is something very strange going on with the
   FTP server on ftp.bitchx.org. In some cases, it serves up the trojaned
   version; in others, the original, safe version.
   This indicates that someone has (at least) also tampered with the FTP
   server software itself; most likely the server has been rooted. We
   have reported this issue to BitchX developers, and they are
   investigating. In the meantime, we suggest everyone should treat
   anything downloaded from the ftp.bitchx.org server with extreme
   skepticism."

Hope this clears things up ;)



apl

Current thread:

RE: ssh trojaned, (continued)
- RE: ssh trojaned Fabrizio Siciliano (Aug 02)
  - RE: ssh trojaned Rory Savage (Aug 02)
- Re: Re: ssh trojaned wozz (Aug 02)
  - RE: Re: ssh trojaned Joe Harrison (Aug 03)
  - Re: Re: ssh trojaned Nick Lange (Aug 05)
    - Re: ssh trojaned loki_ (Aug 05)
    - Re: ssh trojaned Nick Lange (Aug 05)
    - Re: ssh trojaned Joakim Andersson (Aug 05)
    - Re: ssh trojaned Clemens 'Gullevek' Schwaighofer (Aug 06)
    - Re: ssh trojaned Andreas Krennmair (Aug 06)
    - Re: ssh trojaned Alex Lambert (Aug 06)
    - Message not available
    - Re: ssh trojaned Clemens 'Gullevek' Schwaighofer (Aug 07)
    - Re: Re: ssh trojaned Jonas Anden (Aug 05)
    - Re: Re: ssh trojaned Tan Wee Yeh (Aug 05)
    - Re: Re: ssh trojaned Thomas Cannon (Aug 05)
- Re: ssh trojaned Grudge Mason (Aug 02)
- RE: Re: ssh trojaned kevin () ktstone com (Aug 03)