CERT warns of Trojan horse in Sendmail package


CERT warns of Trojan horse in Sendmail package

An Internet hacker has implanted some copies of the source code for the Sendmail package with a Trojan horse, allowing intruders to access computers on which the popular mail-server was compiled and open computer networks to attack.

The Trojan horse versions of the Sendmail package contain malicious code that creates a back door when the program is compiled from its source code, a Computer Emergency Response Team Coordination Center (CERT/CC) statement said.

Modified versions of the files sendmail.8.12.6.tar.z and sendmail.8.12.6.tar.gz began to appear in downloads from the file transfer protocol (FTP) server ftp.sendmail.org on or around 28 September, according to CERT/CC.

The Sendmail development team disabled FTP access to the server on 6 October.

Although CERT/CC said it does not appear that copies downloaded via HTTP contained the Trojan horse, it encourages users who may have downloaded the source code via this protocol to verify software authenticity.

CERT/CC has urged users to verify the cryptographic signatures of the packages. The Sendmail development team confirmed that Trojan horse copies failed signature checks.

More details of the Trojan horse are available at www.cert.org/advisories/CA-2002-28.html

Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy