OpenSSL worm in the wild

From: Ben Laurie (ben@algroup.co.uk)
Date: 09/13/02

• Previous message: prophecy@prophecy.net.nz: "Race condition in BRU Workstation 17.0"
• Next in thread: Dave Ahmad: "Re: OpenSSL worm in the wild"
• Reply: Dave Ahmad: "Re: OpenSSL worm in the wild"
• Reply: Eric Rescorla: "Re: OpenSSL worm in the wild"
• Reply: Eric Rescorla: "Re: OpenSSL worm in the wild"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Fri, 13 Sep 2002 18:16:33 +0100
From: Ben Laurie <ben@algroup.co.uk>
To: Bugtraq <BUGTRAQ@SECURITYFOCUS.COM>, Cryptography <cryptography@wasabisystems.com>, cypherpunks <cypherpunks@einstein.ssz.com>, Apache SSL <apache-ssl@lists.aldigital.co.uk>

I have now seen a worm for the OpenSSL problems I reported a few weeks
back in the wild. Anyone who has not patched/upgraded to 0.9.6e+ should
be _seriously worried_.

It appears to be exclusively targeted at Linux systems, but I wouldn't
count on variants for other systems not existing.

Cheers,

Ben.

-- 
http://www.apache-ssl.org/ben.html       http://www.thebunker.net/
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff

---

• Previous message: prophecy@prophecy.net.nz: "Race condition in BRU Workstation 17.0"
• Next in thread: Dave Ahmad: "Re: OpenSSL worm in the wild"
• Reply: Dave Ahmad: "Re: OpenSSL worm in the wild"
• Reply: Eric Rescorla: "Re: OpenSSL worm in the wild"
• Reply: Eric Rescorla: "Re: OpenSSL worm in the wild"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > securityfocus  > bugtraq  > 2002-09