--TA4f0niHM6tHt3xR Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Nov 13, 2002 at 10:25:30AM -0600, James Miller wrote: > Hello all > I have been a long time reader of this list. An associate passed this al= ong > to me this morning and I wanted to share it with everyone. > http://hlug.fscker.com/ > Latest libpcap & tcpdump sources from tcpdump.org contain a trojan. > Affected version are: > libpcap-0.7.1.tar.gz > tcpdump-3.6.2.tar.gz > tcpdump-3.7.1.tar.gz Downloads from October 30 have been confirmed good. Downloads after November 12 confirmed bad. Anything in-between is anyone's guess. If anyone downloaded those sources between those two dates, please contact me with the package md5sums. I want to narrow down the time frame. CVS repository does NOT appear to have been compromised. Good: 03e5eac68c65b7e6ce8da03b0b0b225e tcpdump-3.7.1.tar.gz 0597c23e3496a5c108097b2a0f1bd0c7 libpcap-0.7.1.tar.gz Bad: 3c410d8434e63fb3931fe77328e4dd88 tcpdump-3.7.1.bad.tar.gz 73ba7af963aff7c9e23fa1308a793dca libpcap-0.7.1.bad.tar.gz > Regards, > Jim Mike --=20 Michael H. Warfield | (770) 985-6132 | mhw@WittsEnd.com /\/\|=3Dmhw=3D|\/\/ | (678) 463-0932 | http://www.wittsend.com/= mhw/ NIC whois: MHW9 | An optimist believes we live in the best of all PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it! --TA4f0niHM6tHt3xR Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iQCVAwUBPdKHguHJS0bfHdRxAQGAnAQAwNm/9IzDza90dxhposTZoeVtgzjjeipY BJlgyhbeyLKvC5DoBMxn7eW29tl7+4e4FFQOsMKkaCyw+sCbc12hb3hWlNLzQeGO DrVpeLCaZsFuEZndl9Y7c7dLQvl4jUZVoLgIR8TDUXv9oz0TvjTA+1MUWZ/bEDPP xpkiaOEc1yg= =gt4S -----END PGP SIGNATURE----- --TA4f0niHM6tHt3xR--
