Mail Archives: cygwin/2005/01/10/14:21:48

delorie.com/archives/browse.cgi

search

Mail Archives: cygwin/2005/01/10/14:21:48

Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm

List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>

List-Archive: <http://sourceware.org/ml/cygwin/>

List-Post: <mailto:cygwin AT cygwin DOT com>

List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>

Sender: cygwin-owner AT cygwin DOT com

Mail-Followup-To: cygwin AT cygwin DOT com

Delivered-To: mailing list cygwin AT cygwin DOT com

To: cygwin AT cygwin DOT com

From: geneSmith <gene DOT smith AT sea DOT siemens DOT com>

Subject: Re: is "BKDR_HACDEF.M" found in c:\cygwin\bin\cygcrypt-0.dll for real?

Date: Mon, 10 Jan 2005 14:21:18 -0500

Lines: 32

Message-ID: <crukjg$o5q$1@sea.gmane.org>

References: <20050110162858 DOT GA1228 AT ste DOT sharp-eu DOT com>

Mime-Version: 1.0

X-Complaints-To: usenet AT sea DOT gmane DOT org

X-Gmane-NNTP-Posting-Host: 66.168.89.166

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.3) Gecko/20040910

In-Reply-To: <20050110162858.GA1228@ste.sharp-eu.com>

X-IsSubscribed: yes

Note-from-DJ: This may be spam

Christian Montanari wrote, On 1/10/2005 11:28 AM:
> Our local virus scan tool provided by ***** 
> reported a "trojan horse" called "BKDR_HACDEF.M" found in c:\cygwin\bin\cygcrypt-0.dll
> 
> c.f.: 
> 
> http://www.******.com/vinfo/virusencyclo/default5.asp?VName=BKDR_HACDEF.M
> 
> Could you tell me what is your point of view about this ? is it a fluke information ?
> does the code for cygcrypt-0.dll need to be checked against Easter-Eggs of this kind ?
> 
> Regards,
> 
> ========================================
> Christian Montanari,
> SHARP TELECOMMUNICATIONS OF EUROPE Ltd.,
> Azure House,
> Bagshot Road,
> Bracknell,
> Berks, RG12 7QY, UK.
> Tel: +44 (0) 1344 301883
> Fax: +44 (0) 1344 300293
> ========================================
> 
> 
Detected on 2 systems here by Trend Micro and it deleted the file. 
According to a website describing the virus, it can use a possible 
vulnerability in the file to implement the backdoor. Are there any know 
vulnerabilities in cygcrypt-0.dll?

-- 
Lit up like Levy's


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

- Raw text -

webmaster	delorie software privacy
Copyright © 2019 by DJ Delorie	Updated Jul 2019

Mailing-List:	contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe:	<mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive:	<http://sourceware.org/ml/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender:	cygwin-owner AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
Delivered-To:	mailing list cygwin AT cygwin DOT com
To:	cygwin AT cygwin DOT com
From:	geneSmith <gene DOT smith AT sea DOT siemens DOT com>
Subject:	Re: is "BKDR_HACDEF.M" found in c:\cygwin\bin\cygcrypt-0.dll for real?
Date:	Mon, 10 Jan 2005 14:21:18 -0500
Lines:	32
Message-ID:	<crukjg$o5q$1@sea.gmane.org>
References:	<20050110162858 DOT GA1228 AT ste DOT sharp-eu DOT com>
Mime-Version:	1.0
X-Complaints-To:	usenet AT sea DOT gmane DOT org
X-Gmane-NNTP-Posting-Host:	66.168.89.166
User-Agent:	Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.3) Gecko/20040910
In-Reply-To:	<20050110162858.GA1228@ste.sharp-eu.com>
X-IsSubscribed:	yes
Note-from-DJ:	This may be spam