Alan
On Tue, 2002-09-17 at 23:03, Louis Lee wrote:
Since most of you use Linux :) , I figure many of you will be interested in the following CERT advisory. I've included the top part. (Doug: Since we don't run SSL on our apache, we're safe for now....) Louie http://www.cert.org/advisories/CA-2002-27.html Original release date: September 14, 2002 Last revised: September 17, 2002 13:43 EDT (UTC-0400) Source: CERT/CC Systems Affected * Linux systems running Apache with mod_ssl accessing SSLv2-enabled OpenSSL 0.9.6d or earlier on Intel x86 architectures Overview The CERT/CC has received reports of self-propagating malicious code which exploits a vulnerability (VU#102795) in OpenSSL. This malicious code has been referred to as Apache/mod_ssl worm, linux.slapper.worm and bugtraq.c worm. Reports received by the CERT/CC indicate that the Apache/mod_ssl worm has already infected thousands of systems. _______________________________________________ vox-tech mailing list [EMAIL PROTECTED] http://lists.lugod.org/mailman/listinfo/vox-tech
