[Zope] Heads up! (OpenSSL worm in the wild)
Adam Manock
abmanock@earthlink.net
Fri, 13 Sep 2002 15:08:32 -0400
More info at:
http://online.securityfocus.com/bid/5363/discussion/
Also see below...
Adam
>Date: Fri, 13 Sep 2002 18:16:33 +0100
>From: Ben Laurie <ben@algroup.co.uk>
>To: Bugtraq <BUGTRAQ@SECURITYFOCUS.COM>,
> Cryptography <cryptography@wasabisystems.com>,
> cypherpunks <cypherpunks@einstein.ssz.com>,
> Apache SSL <apache-ssl@lists.aldigital.co.uk>
>Subject: OpenSSL worm in the wild
>
>
>I have now seen a worm for the OpenSSL problems I reported a few weeks
>back in the wild. Anyone who has not patched/upgraded to 0.9.6e+ should be
>_seriously worried_.
>
>It appears to be exclusively targeted at Linux systems, but I wouldn't
>count on variants for other systems not existing.
>
>Cheers,
>
>Ben.
>
>--
>http://www.apache-ssl.org/ben.html http://www.thebunker.net/
>
>"There is no limit to what a man can do or how far he can go if he
>doesn't mind who gets the credit." - Robert Woodruff