Title: Site Compromise Software Distribution Backdoor
Info
Dates
Disclosure: Jan 01, 1990
Discovery: Unknown
Exploit: Unknown
Solution: Unknown
Description
Software distributed from various sites may contain a backdoor or malicious code. The issue arises when a distribution site is compromised by an attacker who then modifies the software available to everyone else. Once a backdoor or other malicious code has been placed in the software package, any subsequent download poses a risk to administrators who choose to install the software. This type of attack is extremely difficult to counter given the nature of the internet.
In the past, several sites have experienced such an attack. The included list contains known occurrences but is far from exhaustive. The only real way to prevent such attacks is to consistently check the site for news of such attacks and to continue checking MD5 sums for all downloads (even though they can be trivially forged under such a scenario).
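The caveat about forged MD5 sums can be seen in a short check. This is an added example, not part of the original entry: it compares a download against the checksum published on the distribution site and against a digest recorded earlier from an independent channel. The function names, the `pinned_md5` parameter and the sample bytes are assumptions constructed for illustration.

```python
import hashlib
from typing import Optional


def md5_hex(data: bytes) -> str:
    return hashlib.md5(data).hexdigest()


def verify_download(package: bytes, site_md5: str,
                    pinned_md5: Optional[str] = None) -> dict:
    """Check a download against the site's published MD5 and, when available,
    a digest recorded from an independent channel (assumption: pinned_md5)."""
    actual = md5_hex(package)
    site_match = actual == site_md5.strip().lower()
    pinned_match = None if pinned_md5 is None else actual == pinned_md5.strip().lower()
    if pinned_match is False or not site_match:
        verdict = "reject"        # content differs from a recorded digest
    elif pinned_match:
        verdict = "accept"        # agrees with the independent record
    else:
        verdict = "unverified"    # only same-site evidence, proves nothing here
    return {"site_match": site_match, "pinned_match": pinned_match, "verdict": verdict}


# Constructed sample data, not taken from any real incident.
ORIGINAL = b"constructed release archive, version 1.0\n"
MODIFIED = ORIGINAL + b"constructed unauthorized addition\n"
PINNED_MD5 = md5_hex(ORIGINAL)   # digest recorded before the site was modified


def compromised_site():
    """A site under attacker control serves the modified package together
    with a checksum regenerated to match it."""
    return MODIFIED, md5_hex(MODIFIED)


def run_checks() -> dict:
    package, site_md5 = compromised_site()
    return {
        "site_only": verify_download(package, site_md5),
        "with_pin": verify_download(package, site_md5, PINNED_MD5),
        "clean": verify_download(ORIGINAL, md5_hex(ORIGINAL), PINNED_MD5),
    }


if __name__ == "__main__":
    for name, result in run_checks().items():
        print(name, result)
```

The same-site checksum matches the modified package, so only the independently recorded digest separates the two cases.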
Classification
Location: Remote/Network Access Required
Attack Type: Other
Impact: Loss of Integrity
Exploit: Exploit Rumored / Private
Solution
Upgrade to the latest version deemed safe by the site administrator. It is essential that previous versions be completely removed before the new version is installed to guarantee integrity.