Bugtraq mailing list archives
<Advice> Possible Backdoor into openssh-3.7.1p1-i386-1.tgz from Slackware Mirror
From: "Piermark" <bugs84 () libero it>
Date: Sat, 20 Sep 2003 22:46:47 +0200
Hi, I have update my Slackware 9.0 with openssh-3.7.1p1-i386-1.tgz from http://www.slackware.at/data/slackware-9.0/patches/packages/openssh-3.7.1p1-i386-1.tgz Now i have 3 new tcp/ip ports into my system: (thank Nmap) :-) - 867 Open - 879 Open - 889 Open Example: telnet> open (to) 127.0.0.1 867 Trying 127.0.0.1... Connected to 127.0.0.1. Escape character is '^]'. These ports are choice random from a range of 300 - 1200 !! and the size of the tgz is various for every mirror: 628642 Sep 20 17:58 openssh-3.7.1p1-i386-1.tgz (from www.slackware.at) 628481 Sep 20 21:01 openssh-3.7p1-i386-1.tgz (from www.slackware.com) All these examples make to think an possible backdoor into SSH (take from mirror) Excuse for my bad english. Thank you ! Mark
Current thread:
- <Advice> Possible Backdoor into openssh-3.7.1p1-i386-1.tgz from Slackware Mirror Piermark (Sep 20)
- Re: <Advice> Possible Backdoor into openssh-3.7.1p1-i386-1.tgz from Slackware Mirror Martin Östlund (Sep 20)
- Re: <Advice> Possible Backdoor into openssh-3.7.1p1-i386-1.tgz from Slackware Mirror Robert Jaroszuk (Sep 20)
- Re: <Advice> Possible Backdoor into openssh-3.7.1p1-i386-1.tgz from Slackware Mirror Patrick J. Volkerding (Sep 20)