Subject: CERT Advisory CA-2002-28 Trojan Horse Sendmail Distribution (fwd)
To: None <email@example.com>
From: Jeremy C. Reed <firstname.lastname@example.org>
Date: 10/08/2002 15:40:04
I read that sendmail.8.12.6.tar.gz was trojaned on ftp.sendmail.org around
Sept. 28 to Oct. 6.
According to CERT, this is the correct version:
It appears that distinfo for the sendmail pksgrc was dated Oct.3, but the
md5 seems to be fine.
The distinfo doesn't have md5 sums, but the download from the NetBSD
distfile ftp site had same sha1 and the correct md5 sum.
The gnu/dist/sendmail version was done several months ago.
The info is at
netstat -an | grep 6667 # might help
Jeremy C. Reed