GNU Project FTP Server Compromise
From: CERT Advisory [mailto:cert-advisory@cert.org]
Sent: Wednesday, August 13, 2003 4:49 PM
To: cert-advisory@cert.org
Subject: CERT Advisory CA-2003-21 GNU Project FTP Server Compromise
...
The CERT/CC has received a report that the system housing the primary
FTP servers for the GNU software project was compromised.
...
The compromise is
reported to have occurred in March of 2003.
...
We encourage sites using the GNU software obtained from the
compromised system to verify the integrity of their distribution.
Sites that mirror the source code are encouraged to verify the
integrity of their sources. We also encourage users to inspect any and
all other software that may have been downloaded from the compromised
site. Note that it is not always sufficient to rely on the timestamps
or file sizes when trying to determine whether or not a copy of the
file has been modified.
...
This document is available from:
http://www.cert.org/advisories/CA-2003-21.html
Sent: Wednesday, August 13, 2003 4:49 PM
To: cert-advisory@cert.org
Subject: CERT Advisory CA-2003-21 GNU Project FTP Server Compromise
...
The CERT/CC has received a report that the system housing the primary
FTP servers for the GNU software project was compromised.
...
The compromise is
reported to have occurred in March of 2003.
...
We encourage sites using the GNU software obtained from the
compromised system to verify the integrity of their distribution.
Sites that mirror the source code are encouraged to verify the
integrity of their sources. We also encourage users to inspect any and
all other software that may have been downloaded from the compromised
site. Note that it is not always sufficient to rely on the timestamps
or file sizes when trying to determine whether or not a copy of the
file has been modified.
...
This document is available from:
http://www.cert.org/advisories/CA-2003-21.html
