[H-GEN] [Fwd: SECURITY: util-linux-2.9g compromised]

[Anthony Towns]

TCP-wrappers and now util-linux have both been apparently
compromised. *sigh*

(The Debian versions of both are apparently fine, presumably the RedHat
released-versions are similarly so. I've no idea about RawHide, and I'm
not even going to guess at the state of any of the other distributions
about)

----- Forwarded message from jcostom at madcow.jasons.org -----
From: Andries.Brouwer at cwi.nl (Andries Brouwer)
Newsgroups: comp.os.linux.announce
Subject: SECURITY: util-linux-2.9g compromised
Followup-To: comp.os.linux.misc
Date: Sun, 24 Jan 1999 14:47:23 GMT
Organization: CWI, Amsterdam
Message-ID: <pycola.917189243.9820 at revelation.bak.helsinki.fi>


I just learned that
ftp://ftp.win.tue.nl/pub/linux/util/util-linux-2.9g.tar.gz
has been compromised

(so that 1. It gives anybody who logs in with name #!sh
a root shell, and 2. It mails usernames and passwords
to wlogain at hotmail.com).

Probably you do not want to use this enhanced version.
The original version has been put back.
It has md5sum
ab409a6ac5a775a4b04b8e27f6c86933  util-linux-2.9g.tar.gz

I am not aware of anything else that was changed, but
of course this means for the time being that anything
found on this machine must be regarded as suspect.

Andries - aeb at cwi.nl


[PS I would be interested in finding precisely when
this was done. If you got a non-corrupt version
recently, could you mail me date and time?]

----- End forwarded message -----

-- 
Anthony Towns <aj at humbug.org.au> <http://azure.humbug.org.au/~aj/>
I don't speak for anyone save myself. PGP encrypted mail preferred.

``Like the ski resort of girls looking for husbands and husbands looking
  for girls, the situation is not as symmetrical as it might seem.''
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 434 bytes
Desc: not available
URL: <http://lists.humbug.org.au/pipermail/general/attachments/19990125/6c3e28e4/attachment.sig>