Trojan horse found in OpenSSH software

The OpenBSD project warned yesterday that several versions of OpenSSH, its free network connectivity software, contain a Trojan...

Download this free guide

3 key web security guidelines from FS-ISAC

We address the ongoing issues regarding web security for businesses relying on an online presence. Download this e-guide and discover how to identify and address overlooked web security vulnerabilities as well as why you should look at the full security development lifecycle to reduce web threats.

Corporate E-mail Address:

You forgot to provide an Email Address.

This email address doesn’t appear to be valid.

This email address is already registered. Please login.

You have exceeded the maximum character limit.

Please provide a Corporate E-mail Address.
- I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.
Please check the box if you want to proceed.
- I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.
Please check the box if you want to proceed.

The OpenBSD project warned yesterday that several versions of OpenSSH, its free network connectivity software, contain a Trojan horse that can allow an attacker to take over a system.

The SSH protocol is widely used for secure remote terminal connections and file transfers between a client and a server running Unix and its derivatives.

The Trojan horse was discovered in OpenSSH versions 3.2.2p1, 3.4p1 and 3.4. The compromised software was first made available on an official download server on 30 July or 31 July, and from there was likely to have been copied to other download sites.

Trojan horse programs install backdoor programs that let attackers gain access to a computer. In this case the malicious code is run when the OpenSSH software is compiled by the user, the advisory warned. It allows arbitrary commands to be executed with the privileges of the compiling user.

Anyone who installed OpenSSH or offered it for download since 30 July should verify the authenticity of the software. The compromised OpenSSH versions can be identified by their incorrect MD5 checksums and PGP signatures.

More information on the Trojan horse and how to detect it can be found in the OpenSSH advisory www.openssh.com/txt/trojan.adv and an advisory sent out by the Computer Emergence Response Team (CERT) ( www.cert.org/advisories/CA-2002-24.html).

Read more on Antivirus, firewall and IDS products

Start the conversation

0 comments

Register

Login

Forgot your password?

Your password has been sent to:

Please create a username to comment.