Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections:  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Contribute
Contribute
Link to Us
Linux Jobs


Top White Papers

More on LinuxToday


util-linux-2.9g compromised

Jan 25, 1999, 00:08 (0 Talkback[s])

As posted by Andries Brouwer to C.O.L.A., January 24, 1999 and also on linux-kernel.

I just learned that
ftp://ftp.win.tue.nl/pub/linux/util/util-linux-2.9g.tar.gz
has been compromised

(so that 1. It gives anybody who logs in with name #!sh
a root shell, and 2. It mails usernames and passwords
to wlogain@hotmail.com).

Probably you do not want to use this enhanced version.
The original version has been put back.
It has md5sum
ab409a6ac5a775a4b04b8e27f6c86933  util-linux-2.9g.tar.gz

I am not aware of anything else that was changed, but
of course this means for the time being that anything
found on this machine must be regarded as suspect.

Andries - aeb@cwi.nl


[PS I would be interested in finding precisely when
this was done. If you got a non-corrupt version
recently, could you mail me date and time?]

An independent announcement by Andries Brouwer of the util-linux security breach was posted to the linux-kernel list and is published on LWN/daily.