Re: Fwd: bugtraq.c httpd apache ssl attack
>> Even though we are not mentioned, are we vulnerable to this attack?
>
>Current rumours indicate that CAN-2002-0656 is exploited. DSA-136
>addresses this vulnerability:
>
>http://www.debian.org/security/2002/dsa-136
>
>I still have to see the worm, so I can't say for sure that you are
>safe, but it's a good time to update if you haven't done so. ;-)
I have seen two Debian machines exploited with the -d version of
openssl, denoted by the files:
/tmp/.bugtraq.c /tmp/.uubugtraq
It seems that the worm did not fully exploit Debian, because the DOS program
was not compiled and running (and gcc was installed on one of the .
Another Red Hat machine was exploited and has the /tmp/.bugtraq.c
compiled and running.
Anyway, updating is a priority, because the worm could be improved to
successfully exploit Debian.
--
.,,, Guillermo Pérez -=] 14/09/2002 [=-
_' .,,,, - bisho@ ( onirica.com | eurielec.etsit.upm.es )
(v)/ ,''
( \/ :: People are not human resources. Let's not ::
bisho! ``\\ :: reduce them to bricks. ::