Is this the same vulnerability exploited bye the "Linux.Slapper.Worm"? http://securityresponse.symantec.com/avcenter/venc/data/linux.slapper.worm.html
The reports openssl 0.9.6d and older are vulnerable, and woody seems to be using 0.9.6.d. Is DSA-126-1 openssl saying that this has been patched in the woody debian binarys? http://www.debian.org/security/2002/dsa-136 Thanks, David. On Fri, 13 Sep 2002, Florian Weimer wrote: > Phillip Hofmeister <[EMAIL PROTECTED]> writes: > > > Even through we are not mentioned are we vulnerable to this attack? > > Current rumours indicate that CAN-2002-0656 is exploited. DSA-136 > addresses this vulnerability: > > http://www.debian.org/security/2002/dsa-136 > > I still have to see the worm, so I can't say for sure that you are > safe, but it's a good time to update if you haven't done so. ;-) > > -- > Florian Weimer [EMAIL PROTECTED] > University of Stuttgart http://CERT.Uni-Stuttgart.DE/people/fw/ > RUS-CERT fax +49-711-685-5898 > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > >
