Vulnerability Development mailing list archives
Re: exploit code targeting OpenSSL and Mod_SSL ?
From: Joe Stewart <jstewart () lurhq com>
Date: Tue, 15 Apr 2003 12:11:31 -0400
On Monday 14 April 2003 10:18 pm, John wrote:
Is anyone aware of the existence of exploit code in the wild that is currently targeting OpenSSL and Mod_SSL vulnerabilities?
There's a lot of that going on right now. I wrote an analysis of one particular OpenSSL exploit kit that is circulating: http://www.lurhq.com/atd.html
From what I've seen, almost all of the kiddie activity on port 443 lately
based on openssl-too-open.c by Solar Eclipse. -Joe -- Joe Stewart, GCIH Senior Intrusion Analyst LURHQ Corporation http://www.lurhq.com/
Current thread:
- exploit code targeting OpenSSL and Mod_SSL ? John (Apr 15)
- Re: exploit code targeting OpenSSL and Mod_SSL ? Joe Stewart (Apr 15)
- Re: exploit code targeting OpenSSL and Mod_SSL ? Simayi (Apr 17)
- Re: exploit code targeting OpenSSL and Mod_SSL ? Geoffroy Raimbault (Apr 15)
- <Possible follow-ups>
- RE: exploit code targeting OpenSSL and Mod_SSL ? Don Sauer (Apr 15)
- RE: exploit code targeting OpenSSL and Mod_SSL ? Arne Ansper (Apr 16)
- Re: exploit code targeting OpenSSL and Mod_SSL ? Joe Stewart (Apr 15)