Author Archive
More on the OpenSSL 'Slapper' Worm
September 16, 2002
Symantec has released an advisory for the emerging OpenSSL exploit worm, which has been given the name “Slapper”. It attacks servers by sending a malformed GET request to port 443 to trigger a buffer overflow and obtain a shell. The worm then sends over its own UUencoded source code in a file named .bugtraq.c to […]
OpenSSL Worm Spotted in Wild
September 13, 2002
We’ve been following credible reports that a worm propagating in the wild is breaking into servers running vulnerable versions of OpenSSL. Last month, several critical security issues, including a client-exploitable remote buffer overflow in the SSLv2 handshake process, were discovered in all OpenSSL versions prior to 0.9.6e. The worm appears to exploit this hole, although […]
MS Downplays Windows Hacking Wave
September 9, 2002
Microsoft has updated their advisory regarding the ‘mysterious’ hacking attacks that have been reportedly taking over numerous Windows systems. It now claims that no new security vulnerabilities were being exploited; instead, Windows 2000 systems with weak or no administrator passwords were targeted in a coordinated attack. The malware installed on compromised systems seems to be […]
« Older Entries Newer Entries »
