Sendmail Trojan木马漏洞

漏洞信息详情

Sendmail Trojan木马漏洞

• CNNVD编号：CNNVD-199901-016
• 危害等级： 超危
  
  
• CVE编号：
  CVE-1999-0661
  
• 漏洞类型：
  
  
  未知
  
• 发布时间：
  
  1999-01-01
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2005-10-20
  
• 厂        商：
• 漏洞来源：
  Advisory released …

系统运行一个分布点用特洛伊木马代替的软件版本时存在漏洞。软件版本有(1) TCP Wrappers 7.6， (2) util-linux 2.9g， (3) wuarchive ftpd (wuftpd) 2.2 和 2.1f， (4) IRC 客户端 (ircII) ircII 2.2.9， (5) OpenSSH 3.4p1， 或者(6) Sendmail 8.12.6.

The vendor has stated that the versions served via HTTP download are not affected, and the valid versions of sendmail for downloaded from
http://www.sendmail.org. They are available from the normal distribution channels and have the following MD5 checksums:
73e18ea78b2386b774963c8472cbd309 sendmail.8.12.6.tar.gz
cebe3fa43731b315908f44889d9d2137 sendmail.8.12.6.tar.Z
8b9c78122044f4e4744fc447eeafef34 sendmail.8.12.6.tar.sig
Additionally, they are signed with the Sendmail Consortium PGP Key.

来源:CERT/CC Advisory: CA-2002-28
名称: CA-2002-28
链接:http://www.cert.org/advisories/CA-2002-28.html

来源:CERT/CC Advisory: CA-1999-02
名称: CA-1999-02
链接:http://www.cert.org/advisories/CA-1999-02.html

来源:CERT/CC Advisory: CA-1999-01
名称: CA-1999-01
链接:http://www.cert.org/advisories/CA-1999-01.html

来源:CERT/CC Advisory: CA-1994-14
名称: CA-1994-14
链接:http://www.cert.org/advisories/CA-1994-14.html

来源:CERT/CC Advisory: CA-1994-07
名称: CA-1994-07
链接:http://www.cert.org/advisories/CA-1994-07.html

来源: BID
名称: 5921
链接:http://www.securityfocus.com/bid/5921

来源: XF
名称: sendmail-backdoor(10313)
链接:http://www.iss.net/security_center/static/10313.php

来源: BUGTRAQ
名称: 20021009 Re: CERT Advisory CA-2002-28 Trojan Horse Sendmail
链接:http://online.securityfocus.com/archive/1/294539

来源: BUGTRAQ
名称: 20020801 OpenSSH Security Advisory: Trojaned Distribution Files
链接:http://marc.theaimsgroup.com/?l=bugtraq&m=102821663814127&w=2

来源: BUGTRAQ
名称: 20020801 trojan horse in recent openssh (version 3.4 portable 1)
链接:http://marc.theaimsgroup.com/?l=bugtraq&m=102820843403741&w=2