[REVS] Security holes... Who cares? (Security patches handling case study)
From: support@securiteam.com
Date: 11/18/02
- Previous message: support@securiteam.com: "[NT] LiteServe URL Decoding DoS"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: support@securiteam.com To: list@securiteam.com Date: 18 Nov 2002 10:28:59 +0200
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion
Beyond Security would like to welcome Tiscali World Online
to our service provider team.
For more info on their service offering IP-Secure,
please visit http://www.worldonline.co.za/services/work_ip.asp
- - - - - - - - -
Security holes... Who cares? (Security patches handling case study)
------------------------------------------------------------------------
SUMMARY
RTFM reported on an observational study of user response following the
OpenSSL remote buffer overflows of July 2002 and the worm that exploited
it in September 2002. Immediately after the publication of the bug and its
subsequent fix we identified a set of vulnerable servers. In the weeks
that followed we regularly probed each server to determine whether it had
applied one of the relevant fixes. RTFM reports two primary results.
First, RTFM found that administrators are generally very slow to apply the
fixes. Two weeks after the bug announcement, more than two thirds of
servers were still vulnerable. Second, RTFM has identified several weak
predictors of user response and find that the pattern differs in the
period following the release of the bug and that following the release of
the worm.
DETAILS
The complete research paper can be found at:
<http://www.rtfm.com/upgrade.pdf> http://www.rtfm.com/upgrade.pdf [PDF]
<http://www.rtfm.com/upgrade.ps> http://www.rtfm.com/upgrade.ps [PS]
ADDITIONAL INFORMATION
The information has been provided by <mailto:ekr@rtfm.com> Eric Rescorla
of RTFM.
========================================
This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com
====================
====================
DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.
- Next message: support@securiteam.com: "[NEWS] Default SNMP Community in Surecom Broadband Router"
- Previous message: support@securiteam.com: "[NT] LiteServe URL Decoding DoS"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
