Mailinglist Archive: opensuse-security (375 mails)

Re: [suse-security] Linux/Slapper.worm
  • From: Marcel Erkens <merkens@xxxxxxxxxxxxxxxx>
  • Date: Wed, 18 Sep 2002 08:29:22 -0500
  • Message-id: <200209180829.22968.merkens@xxxxxxxxxxxxxxxx>
On Wednesday 18 September 2002 08:15, Olaf Kirch wrote:
> On Wed, Sep 18, 2002 at 02:54:12PM +0200, Joachim Hummel wrote:
> > Copy from SecurityFocus.com:
> > The OpenSSL server vulnerability exploit exists on a wide variety of
> > platforms, but Slapper appears to work only on Linux systems running
> > Apache with the OpenSSL module (mod_ssl) on Intel architectures.
>
> It's easy, if you look at how things work:
>
> - apache uses mod_ssl
> - mod_ssl uses OpenSSL
> - OpenSSL has a buffer overflow
>
> So yes, everyone is talking about the "Apache/mod_ssl" worm because
> that's how it propagates. But the vulnerability is at a layer below
> that; any other service using OpenSSL's SSL implementation could probably
> be used to propagate the worm as well (anybody out there running webmin?)
>
> So: You upgrade OpenSSL, the buffer overflow is gone, everyone is happy.

Or disable mod_ssl if you don't need it ;)


>
> Olaf
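
Added example, not part of the original thread: a Python sketch of the check the layering argument above implies, listing every running process (not only Apache) that has an OpenSSL library mapped, and flagging those still holding a library file that was replaced on disk, since an upgraded library only takes effect once the service restarts. It assumes a Linux /proc filesystem; the sample maps text and its paths are constructed.

```python
import glob
import os
import re

# libssl / libcrypto shared objects, whatever the version suffix
OPENSSL_LIB = re.compile(r"/(libssl|libcrypto)[^/]*\.so[^/]*$")

# Constructed sample in /proc/<pid>/maps format (paths are illustrative)
SAMPLE_MAPS = """\
08048000-0808f000 r-xp 00000000 03:02 1234 /usr/sbin/httpd
40200000-40230000 r-xp 00000000 03:02 5678 /usr/lib/libssl.so.0 (deleted)
40240000-40300000 r-xp 00000000 03:02 5679 /usr/lib/libcrypto.so.0
bfffe000-c0000000 rwxp 00000000 00:00 0
"""

def openssl_mappings(maps_text):
    """Return {library path: stale?} for one maps dump.
    stale is True when the mapped file has been replaced on disk."""
    found = {}
    for line in maps_text.splitlines():
        fields = line.split(None, 5)
        if len(fields) < 6:
            continue  # anonymous mapping, no pathname
        path = fields[5].strip()
        stale = path.endswith(" (deleted)")
        if stale:
            path = path[:-len(" (deleted)")]
        if OPENSSL_LIB.search(path):
            found[path] = found.get(path, False) or stale
    return found

def scan_processes(proc_root="/proc"):
    """Map (pid, command name) to its OpenSSL mappings for readable processes."""
    report = {}
    for maps_path in glob.glob(os.path.join(proc_root, "[0-9]*", "maps")):
        piddir = os.path.dirname(maps_path)
        try:
            with open(maps_path) as fh:
                libs = openssl_mappings(fh.read())
            with open(os.path.join(piddir, "comm")) as fh:
                name = fh.read().strip()
        except OSError:
            continue  # process exited or not readable by this user
        if libs:
            report[(os.path.basename(piddir), name)] = libs
    return report

if __name__ == "__main__":
    for (pid, name), libs in sorted(scan_processes().items()):
        for path, stale in libs.items():
            note = "  <-- replaced on disk, restart service" if stale else ""
            print(f"{pid:>7} {name:<16} {path}{note}")
```

Run it as root to see every process; a statically linked OpenSSL does not show up in the maps and has to be checked per package.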

