>> Even though we are not mentioned, are we vulnerable to this attack?
>
> Current rumours indicate that CAN-2002-0656 is exploited. DSA-136
> addresses this vulnerability:
>
> http://www.debian.org/security/2002/dsa-136
>
> I still have to see the worm, so I can't say for sure that you are
> safe, but it's a good time to update if you haven't done so. ;-)

I have seen two Debian machines exploited with the -d version of openssl, denoted by the files:

/tmp/.bugtraq.c
/tmp/.uubugtraq

It seems that the worm does not fully exploit Debian, because the DOS program was not compiled and running (and gcc was installed on one of the . Another Red Hat machine was exploited and has the /tmp/.bugtraq.c compiled and running.

Anyway, updating is a priority, because the worm could be improved to successfully exploit Debian.

--
Guillermo Pérez -=] 14/09/2002 [=-
bisho@ ( onirica.com | eurielec.etsit.upm.es )
:: People are not human resources. Let's not
:: reduce them to bricks. ::
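
The message above separates hosts where only the worm's files were dropped from the host where the program was compiled and running. As an added example (not part of the original message), this shell function reports which of those states a live host or a mounted image is in; the function name, its arguments and the "executable is a dot-file under /tmp" heuristic are assumptions.

```shell
#!/bin/sh
# Added triage example, not from the original post.
# Usage: slapper_triage [ROOT] [PROCDIR]
#   ROOT    prefix of the filesystem to inspect (empty = live system,
#           or e.g. a read-only mounted disk image)
#   PROCDIR proc tree to inspect (default /proc)
# Prints one of: running | files-only | clean

slapper_triage() {
    root="${1:-}"
    procdir="${2:-/proc}"
    found=0
    running=0

    # Indicator files named in the post.
    for f in /tmp/.bugtraq.c /tmp/.uubugtraq; do
        if [ -e "$root$f" ]; then
            found=$((found + 1))
            # Owner and mtime go to stderr for the incident timeline.
            ls -ld "$root$f" >&2
        fi
    done

    # Assumption: a process whose executable resolves to a dot-file in
    # /tmp is treated as the compiled program running. The match also
    # covers binaries unlinked after start ("... (deleted)").
    for exe in "$procdir"/[0-9]*/exe; do
        target=$(readlink "$exe" 2>/dev/null) || continue
        case "$target" in
            /tmp/.*)
                running=$((running + 1))
                echo "suspicious: $exe -> $target" >&2
                ;;
        esac
    done

    if [ "$running" -gt 0 ]; then
        echo "running"
    elif [ "$found" -gt 0 ]; then
        echo "files-only"
    else
        echo "clean"
    fi
}
```

Run it as root so the `exe` links of other users' processes are readable; a "clean" result only means these two indicators are absent, not that the host is patched.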