The latest sources of tcpdump and libpcap have trojan code. More details can be had here:
http://www.net-security.org/news.php?id=1436
Regards,
Amol Hatwar.