Re: Fwd: bugtraq.c httpd apache ssl attack
Is this the same vulnerability exploited bye the "Linux.Slapper.Worm"?
The reports openssl 0.9.6d and older are vulnerable, and woody seems to be
Is DSA-126-1 openssl saying that this has been patched in the woody debian
On Fri, 13 Sep 2002, Florian Weimer wrote:
> Phillip Hofmeister <email@example.com> writes:
> > Even through we are not mentioned are we vulnerable to this attack?
> Current rumours indicate that CAN-2002-0656 is exploited. DSA-136
> addresses this vulnerability:
> I still have to see the worm, so I can't say for sure that you are
> safe, but it's a good time to update if you haven't done so. ;-)
> Florian Weimer Weimer@CERT.Uni-Stuttgart.DE
> University of Stuttgart http://CERT.Uni-Stuttgart.DE/people/fw/
> RUS-CERT fax +49-711-685-5898
> To UNSUBSCRIBE, email to firstname.lastname@example.org
> with a subject of "unsubscribe". Trouble? Contact email@example.com