[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: rlx blade server attacked

On Fri, Sep 13, 2002 at 08:45:32PM +0200, Michael Renzmann wrote:
> Hi Jason.
> Jason Sopko wrote:
> >The Apache worm you're infected with was posted on bugtraq earlier
> >today. It exploits mod_ssl and can be identified by doing a ps -ax |
> >grep bugtraq (it runs as the name .bugtraq). The source for it is here:
> >
> >http://dammit.lt/apache-worm/apache-worm.c
> Thanks a lot for the fast reply. You are right, I can approve that this 
> is the worm that attacked the management blade. It started it's attack 
> somewhere around noon (local time) today. The management blade is 
> vulnerable to this attack as it is based on RedHat 7.3 (maybe it would 
> have been better if RLX had stick to Debian as they used before).
> Thanks a lot for the help.
> Bye, Mike
Is debian woody vulnerable to this exploits?
AFAIK i didn't see any recent DSA (except DSA-135) mentioning this


Reply to: