Re: Fwd: bugtraq.c httpd apache ssl attack

To: "debian-security@lists.debian.org" <debian-security@lists.debian.org>
Subject: Re: Fwd: bugtraq.c httpd apache ssl attack
From: Michael Renzmann <mrenzmann@dylanic.de>
Date: Sat, 14 Sep 2002 19:24:06 +0200
Message-id: <[🔎] 3D8370B6.7040905@dylanic.de>
References: <[🔎] Pine.LNX.4.44.0209141133520.15443-100000@agni.phys.iit.edu> <[🔎] 3D8369C4.1010903@dylanic.de>

Hi all.

As addition to my previous mail: the source is now available fordownload at the following URL:


http://217.24.0.78/bugtraq.c.txt

One thing that makes me wonder: after I wrote my first few lines aboutthe attack on the rlx blade server that we experienced, someone gave acorrect hint to the worm (describing it with some of its actions), andalso mentioned a URL for the source code of the worm. When looking atthat source (http://dammit.lt/apache-worm/apache-worm.c) it is quiteobviously that "our" source is totally different. Is there a secondvariant of the worm, or is this another worm using the same exploit?


Bye, Mike

Reply to:

Follow-Ups:
- Re: Fwd: bugtraq.c httpd apache ssl attack
  - From: "Noah L. Meyerhans" <noahm@debian.org>
- Re: Fwd: bugtraq.c httpd apache ssl attack
  - From: Florian Weimer <Weimer@CERT.Uni-Stuttgart.DE>

References:
- Re: Fwd: bugtraq.c httpd apache ssl attack
  - From: David Ehle <ehle@agni.phys.iit.edu>
- Re: Fwd: bugtraq.c httpd apache ssl attack
  - From: Michael Renzmann <mrenzmann@dylanic.de>

Prev by Date: Re: Fwd: bugtraq.c httpd apache ssl attack
Next by Date: Re: Fwd: bugtraq.c httpd apache ssl attack
Previous by thread: Re: Fwd: bugtraq.c httpd apache ssl attack
Next by thread: Re: Fwd: bugtraq.c httpd apache ssl attack
Index(es):
- Date
- Thread