[PLUG] Slapper.C
Steven Raymond
stever at woo-hoo.com
Tue Oct 1 17:43:30 UTC 2002
>
> I just found one of my servers infected with the Slapper.C(Cinik) worm.
> This machine is totally up to date as far as Red Hat Network, which
> means openssl-0.9.6b-28.
>
> I have read most of the threads in here on Slapper and I surmised that
> RH back-ported the appropriate fix. Apparently I was wrong, and now all
> my machines are exposed.
How exactly do you conclude that the Red Hat updates fail to fix this
vulnerability? Could it be possible that somehow the machines were
infected prior to the update? Do you have documentation that states that
the Red Hat fix is not enough?
Thank you
More information about the PLUG
mailing list