Navigation
User login
Quote
Jamie Zawinski
Some people, when confronted with a problem, think "I know, I'll use regular expressions." Now they have two problems.
OpenSSL Worm in the Wild: LinuxSecurity.com
Mon, 09/16/2002 - 08:17 — charlie.collins
Some time back all versions of OpenSSL prior to 0.9.6e were found to have buffer overflow vulnerabilities. This was quickly addressed and patches to OpenSSL were made available right away. However, it appears that many people did not rebuild their apache server binaries that may have been originally build or linked with the vulnerable OpenSSL code. This includes mod_ssl, apache_ssl, etc. There is now a WORM IN THE WILD that can exploit these apache servers. It is important to note that this is a flaw in OpenSSL and it is important to understand that apache is vulnerable if flawed OpenSSL was used in building it.
See the linked LinuxSecurity.com story and read the CERT advisories. OpenSSL Worm Loose in the Wild
This work is licensed under a Creative Commons License.
1998-2008 temple of the screaming penguin
TotSP Search
Community
Chatter
17 hours 35 min ago
1 day 20 hours ago
1 week 1 day ago
1 week 2 days ago
1 week 2 days ago
1 week 3 days ago
1 week 4 days ago
2 weeks 5 days ago
2 weeks 5 days ago
2 weeks 6 days ago