Subject: CERT Advisory CA-2002-28 Trojan Horse Sendmail Distribution (fwd)
To: None <tech-security@netbsd.org>
From: Jeremy C. Reed <reed@reedmedia.net>
List: tech-security
Date: 10/08/2002 15:40:04

I read that sendmail.8.12.6.tar.gz was trojaned on ftp.sendmail.org around
Sept. 28 to Oct. 6.

According to CERT, this is the correct version:

     73e18ea78b2386b774963c8472cbd309 sendmail.8.12.6.tar.gz

It appears that distinfo for the sendmail pkgsrc was dated Oct. 3, but the
md5 seems to be fine.

The distinfo doesn't have md5 sums, but the download from the NetBSD
distfile ftp site had the same sha1 and the correct md5 sum.

The gnu/dist/sendmail version was done several months ago.

The info is at
http://www.cert.org/advisories/CA-2002-28.html

netstat -an | grep 6667 # might help

  Jeremy C. Reed
  http://www.reedmedia.net
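
Added example, not part of the original message and not NetBSD or CERT code: a check of a downloaded distfile against both the SHA1 line in a pkgsrc-style distinfo and the MD5 the message quotes from CERT. The function names and the sample bytes are constructed for illustration; only the MD5 value comes from the message.

```python
import hashlib
import re

# MD5 the message quotes from CERT for the untampered tarball.
CERT_MD5 = {"sendmail.8.12.6.tar.gz": "73e18ea78b2386b774963c8472cbd309"}

# BSD-style digest line as found in a pkgsrc distinfo: "SHA1 (name) = hex"
_DIGEST_LINE = re.compile(r"^(\w+) \((.+)\) = ([0-9a-fA-F]+)$")

def parse_distinfo(text):
    """Return {filename: {algorithm: hexdigest}} from BSD-style digest lines."""
    entries = {}
    for line in text.splitlines():
        m = _DIGEST_LINE.match(line.strip())
        if m:  # the $NetBSD$ id, blank lines and "Size (...)" lines do not match
            algo, name, digest = m.groups()
            entries.setdefault(name, {})[algo.lower()] = digest.lower()
    return entries

def check_distfile(name, data, distinfo_text):
    """Compare data against every known digest; return a list of problems."""
    expected = dict(parse_distinfo(distinfo_text).get(name, {}))
    if name in CERT_MD5:
        expected["md5"] = CERT_MD5[name]
    if not expected:
        return ["no reference digest for " + name]
    problems = []
    for algo, want in sorted(expected.items()):
        if algo not in hashlib.algorithms_available:
            problems.append(algo + ": not supported by this hashlib")
            continue
        got = hashlib.new(algo, data).hexdigest()
        if got != want:
            problems.append(f"{algo}: expected {want}, got {got}")
    return problems

if __name__ == "__main__":
    # Constructed stand-in bytes, not the real tarball.
    name = "sendmail.8.12.6.tar.gz"
    data = b"constructed sample bytes"
    distinfo = (f"$NetBSD$\n\nSHA1 ({name}) = {hashlib.sha1(data).hexdigest()}\n"
                f"Size ({name}) = {len(data)} bytes\n")
    # SHA1 matches the constructed distinfo, but the CERT MD5 does not,
    # so exactly one problem is reported.
    for problem in check_distfile(name, data, distinfo):
        print("MISMATCH", problem)
```

An empty list from check_distfile means every reference digest matched; a file with no reference digest at all is reported as a problem rather than passed.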