Interesting. I patched openssl the day the patch was announced (using up2date.) When the Slapper worm came out, I knew my system wasn't vulnerable, because I had already applied the patch on June 29th when it was released. I'm not sure why there would have been confusion about whether or not your system might be vulnerable, since both the the vulnerability and the patch were publicly announced, but I suspect it had to do with the fact that (at least in the case of Red Hat) the *version* of openssl you're running is patched rather than updating to the latest version.
On RH 7.2 (my system), for example, openssl is version 0.9.6b, but it's patched against this vulnerability. All the advisories suggest updating to at least version 0.9.6e if not g, but they do not address the fact that your vendor may have patched previous versions. I sent a post to bugtraq pointing that out, but it was never published. Guess I'll just use this list from now on. Paul Schmehl ([EMAIL PROTECTED]) Department Coordinator The University of Texas at Dallas AVIEN Founding Member http://www.utdallas.edu/~pauls/ > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] > Sent: Monday, September 23, 2002 9:48 AM > To: [EMAIL PROTECTED] > Subject: [Full-Disclosure] The last word on the Linux Slapper worm > Importance: High > > > There has been a lack of information about the potential for > damage around the Linux Slapper worm, and posts to the > bugtraq list ranging from the sublime to the ridiculous. I am > hoping that this post will clear up any doubts people may > have about the vulnerabilities of their systems. It appears > that the Linux vendors and openssl had been working together > to produce an update to the vulnerability that was exploited > by this worm. However, none of the openssl maintainers other > than Mark Cox of Red Hat knows anything about this from what > I can gather. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
