On Wednesday 18 September 2002 08:15, Olaf Kirch wrote:
On Wed, Sep 18, 2002 at 02:54:12PM +0200, Joachim Hummel wrote:
Copy from SecurityFocus.com: The OpenSSL server vulnerability exploit exists on a wide variety of platforms, but Slapper appears to work only on Linux systems running Apache with the OpenSSL module (mod_ssl) on Intel architectures.
It's easy, if you look at how things work:
- apache uses mod_ssl - mod_ssl uses OpenSSL - OpenSSL has a buffer overflow
So yes, everyone is talking about the "Apache/mod_ssl" worm because that's how it propagates. But the vulnerability is at a layer below that; any other service using OpenSSL's SSL implementation could probably used to propagate the worm as well (anybody out there running webmin?)
So: You upgrade OpenSSL, the buffer overflow is gone, everyone is happy.
Or disable mod_ssl if you don't need it ;)
Olaf