Security Incidents mailing list archives
RE: What's on udp/2002 ?
From: "Matthew F. Caldwell" <mattc () guarded net>
Date: Wed, 18 Sep 2002 14:36:19 -0400
This is the control channel for the P2P network of the SLAPPER WORM. The first instance of the worm we detected originated from a European University. Vulnerabilities: ---------------- Viruses/Worms: Late on September 13th, a new virus known as Linux.Slapper.Worm or the Apache/mod_ssl Worm was discovered. The worm tries to exploit a buffer overflow vulnerability in the OpenSSL component of SSL-enabled Apache web servers. Once active, the worm can be used as a backdoor to start up a range of denial-of-service attacks. Recommendations: ---------------- Virsues/Worms: Some Antivirus firms have updated definitions to combat this threat. Please check with your antivirus provider immediately and carefully review the advisory at http://www.cert.org/advisories/CA-2002-27.html. Matthew F. Caldwell, CISSP Chief Security Officer GuardedNet, Inc -----Original Message----- From: Guido Van De Velde [mailto:Guido.VanDeVelde () cc kuleuven ac be] Sent: Wednesday, September 18, 2002 8:54 AM To: incidents () securityfocus com Subject: What's on udp/2002 ? At least something very interesting, according to our fw logs. Anyone any idea ? TIA -- guido ------------------------------------------------------------------------ ---- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- What's on udp/2002 ? Guido Van De Velde (Sep 18)
- Re: What's on udp/2002 ? rewt (Sep 18)
- Re: What's on udp/2002 ? Nick FitzGerald (Sep 18)
- Re: What's on udp/2002 ? Jay D. Dyson (Sep 18)
- Re: What's on udp/2002 ? Kurt Seifried (Sep 18)
- Re: What's on udp/2002 ? Russell Harding (Sep 18)
- Re: What's on udp/2002 ? Nick FitzGerald (Sep 18)
- Re: What's on udp/2002 ? Johannes Ullrich (Sep 18)
- Re: What's on udp/2002 ? Jose Nazario (Sep 18)
- Re: What's on udp/2002 ? Guido Van De Velde (Sep 18)
- <Possible follow-ups>
- RE: What's on udp/2002 ? Matthew F. Caldwell (Sep 18)
- Re: What's on udp/2002 ? rewt (Sep 18)