Re: Response from CERT regarding Linux Slapper worm

[Helmut Springer <delta () faveve uni-stuttgart de>]

Hi,


On 31 Oct 2002 at 10:09 +0100, John.Airey () rnib org uk wrote:
> Today I received an email response from CERT giving the following page
> detailing the vendor information for the status of OpenSSL updates.
>
> http://www.kb.cert.org/vuls/id/102795#systems
>
> Mind you, the page itself is a little obscure. I think it means to
> say that the vendor's version is vulnerable before the version
> released on the date given, but doesn't.

No.  The list shows vendor's reactions/statements regarding the
vulnerability and the date this statement was updated the last time.



> The observant will note that there is no link to this from 
>
> http://www.cert.org/advisories/CA-2002-27.html

That includes a link to http://www.kb.cert.org/vuls/id/102795


Ok, it's early in the morning and you might take another coffee...


Cheers,

-- 
MfG/best regards, helmut springer
        
<Apatrix:#eu-opers> Yeah... German servers never split, Vesa is always right
                    and Fusion is God :)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html