slapper worm

Mike McCarty mike.mccarty at sbcglobal.net
Tue Jan 24 19:08:52 UTC 2006


James Kosin wrote:
> Jesse Keating wrote:
> 
>>On Mon, 2006-01-23 at 17:11 -0500, James Kosin wrote:
>>
>>>My version takes care of the mod_ssl issue he already disabled.  FC1
>>>doesn't have a fix or if so it hasn't gone through QA yet. 
>>
>>Do you have a CVE for the ssl issue?  I'd like to see if it is somewhere
>>in the QA pipeline.
>>
> 
> Jesse,
> 
> Just checked this morning.
> https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=175406
> 
> But, I think we may need to do something proactively...  I'm seeing
> many posting either not knowing about this worm or not knowing if they
> are protected or how vulnerable they may be.

[snip]

I'm a little shocked at this, frankly. I Googled around, and
found mentions of the Slapper going back to 2002. Why is it that
this exploit (and variations of it) haven't all been stamped
out years ago?

Mike
-- 
p="p=%c%s%c;main(){printf(p,34,p,34);}";main(){printf(p,34,p,34);}
This message made from 100% recycled bits.
You have found the bank of Larn.
I can explain it for you, but I can't understand it for you.
I speak only for myself, and I am unanimous in that!




More information about the fedora-legacy-list mailing list