[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [d-security] woody apache/ssl - security issue?

On Wed, Sep 25, 2002 at 03:18:02PM +0200, Tycho Fruru wrote:
> > The logfile entries you've shown are absolutely harmless, I use exactly
> > the same strings for testing if a webserver responses.
> hmm. To me they don't seem harmless.  Looks more like you've been
> visited by a slapper worm (which leaves the same trails in your
> logfiles)
The messages itself are absolutely harmless. Whatever brought down your
server did it at least not by using just these queries. They can be used 
by a worm though - to quickly check which server version is displayed.
To check if the server is vulnerable to the slapper worm (i.e. the recent 
OpenSSL vulnerability), visit:



Reply to: