Re: Fwd: bugtraq.c httpd apache ssl attack
"Noah L. Meyerhans" <noahm@debian.org> writes:
> On Sat, Sep 14, 2002 at 08:05:53PM +0200, Guille -bisho- wrote:
>> I don't know if in the c-2 the worm works partially or fully. Anybody knows?
>> It seems that the worm does not fully works on debian.
>
> The exploit code in the newest worm has been tested against
> 0.9.6c-2.woody.0. It was not sucessful.
If you want to do your own tests (without fooling around with the
worm), you can use our tool:
http://cert.uni-stuttgart.de/advisories/openssl-sslv2-master.php
--
Florian Weimer Weimer@CERT.Uni-Stuttgart.DE
University of Stuttgart http://CERT.Uni-Stuttgart.DE/people/fw/
RUS-CERT fax +49-711-685-5898
Reply to: