Mailinglist Archive: opensuse-security (375 mails)

< Previous Next >
Slapper worm type B
  • From: Fabrizio Di Meo <fabriziodimeo@xxxxxxxx>
  • Date: Mon, 23 Sep 2002 07:01:07 +0200 (CEST)
  • Message-id: <20020923050107.67745.qmail@xxxxxxxxxxxxxxxxxxxxxxx>

Hi all,

does the last openSSL fix the slapper.B worm ?

---quoting ISS security advice---

Internet Security Systems Security Brief
September 22, 2002

Propagation of "Slapper" OpenSSL/Apache Worm Variant

Synopsis:

ISS X-Force has learned of the existence of a variant of the "Slapper" (also
known as Slapper.A) worm that X-Force documented in a X-Force Security Alert
on September 14, 2002. The new variant, named Slapper.B, has several subtle
differences from the first Slapper worm, but it is for the most part an
updated version of its predecessor. Both versions carry the same attack
payload and attempt to exploit a previously disclosed vulnerability in the
Secure Sockets Layer 2.0 (SSLv2) handshake process. Slapper.A and Slapper.B
both target the Linux operating system running the Apache Web server with
OpenSSL.

---end quoting---



Thank you.





---------------------------------
MIo Yahoo! : personalizza Yahoo! come piace a te
< Previous Next >
This Thread
  • No further messages