[PLUG] Slapper.C
Keith Nasman
keith at ahapala.net
Tue Oct 1 18:52:29 UTC 2002
On Tue, 1 Oct 2002, Steven Raymond wrote:
> >
> > I just found one of my servers infected with the Slapper.C(Cinik) worm.
> > This machine is totally up to date as far as Red Hat Network, which
> > means openssl-0.9.6b-28.
> >
> > I have read most of the threads in here on Slapper and I surmised that
> > RH back-ported the appropriate fix. Apparently I was wrong, and now all
> > my machines are exposed.
>
>
> How exactly do you conclude that the Red Hat updates fail to fix this
> vulnerability? Could it be possible that somehow the machines were
> infected prior to the update? Do you have documentation that states that
> the Red Hat fix is not enough?
>
> Thank you
>
Well, good questions. The openssl RPM was updated on 13Aug02:
Name : openssl Relocations: (not relocateable)
Version : 0.9.6b Vendor: Red Hat, Inc.
Install date: Tue 13 Aug 2002 08:56:41 AM PDT Build Host: stripples.devel.redhat.com
Group : System Environment/Libraries Source RPM: openssl-0.9.6b-28.src.rpm
I don't know if the update restarted the daemon; I'll have to check. I
don't have any documentation from Red Hat and am awaiting a reply from
someone at rhn-users which I'll forward to the list.
Keith