Re: Fwd: bugtraq.c httpd apache ssl attack

To: debian-security@lists.debian.org
Subject: Re: Fwd: bugtraq.c httpd apache ssl attack
From: Florian Weimer <Weimer@CERT.Uni-Stuttgart.DE>
Date: Fri, 13 Sep 2002 20:41:26 +0200
Message-id: <[🔎] 87d6rhg2ax.fsf@Login.CERT.Uni-Stuttgart.DE>
Mail-followup-to: debian-security@lists.debian.org
In-reply-to: <[🔎] 20020913172528.GA12508@zionlth.org> (Phillip Hofmeister's message of "Fri, 13 Sep 2002 13:25:28 -0400")
References: <[🔎] 20020913172528.GA12508@zionlth.org>

Phillip Hofmeister <plhofmei@zionlth.org> writes:

> Even through we are not mentioned are we vulnerable to this attack?

Current rumours indicate that CAN-2002-0656 is exploited.  DSA-136
addresses this vulnerability:

http://www.debian.org/security/2002/dsa-136

I still have to see the worm, so I can't say for sure that you are
safe, but it's a good time to update if you haven't done so. ;-)

-- 
Florian Weimer 	                  Weimer@CERT.Uni-Stuttgart.DE
University of Stuttgart           http://CERT.Uni-Stuttgart.DE/people/fw/
RUS-CERT                          fax +49-711-685-5898

Reply to:

Follow-Ups:
- Re: Fwd: bugtraq.c httpd apache ssl attack
  - From: David Ehle <ehle@agni.phys.iit.edu>

References:
- Fwd: bugtraq.c httpd apache ssl attack
  - From: Phillip Hofmeister <plhofmei@zionlth.org>

Prev by Date: Fwd: bugtraq.c httpd apache ssl attack
Next by Date: Re: rlx blade server attacked
Previous by thread: Fwd: bugtraq.c httpd apache ssl attack
Next by thread: Re: Fwd: bugtraq.c httpd apache ssl attack
Index(es):
- Date
- Thread