Author Archive
Session Hijacking, DoS Bugs in Windows Remote Desktop
September 19, 2002
Update: We’ve just found out that Windows XP Pro SP1 does include patches for these two vulnerabilities, and MS has released bulletin MS02-051 with a fix for Windows 2000 as well. Multiple vulnerabilities have been discovered in Microsoft’s Remote Desktop Protocol, which is used to power Terminal Services for Windows 2000 servers, as well as […]
OpenSSL Vulnerability Detection Tool Released
September 18, 2002
RUS-CERT has released a useful tool for the remote detection of vulnerable OpenSSL servers. It connects to a host and attempts to perform a small, harmless buffer overflow; if the target does not crash, it is likely susceptible to the Slapper worm and other SSLv2 exploits. Updated OpenSSL servers may crash or return errors when […]
OpenSSL 'Slapper' Update
September 17, 2002
Anti-virus firm F-Secure has placed one of their systems on the Slapper worm’s peer to peer network, enabling them to monitor the number of OpenSSL servers infected. The data they’ve colleced thus far indicates that it is spreading fairly rapidly: as of this morning, over 11249 systems were on the worm’s P2P network, compared to […]
« Older Entries Newer Entries »
